#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sss-certmap.5.xml:5 #: sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 #: sss_obfuscate.8.xml:5 sss_override.8.xml:5 sss_useradd.8.xml:5 #: sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 #: sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 #: sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sssd-ifp.5.xml:5 #: sss_rpcidmapd.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 #: sss_ssh_knownhostsproxy.1.xml:5 idmap_sss.8.xml:5 sssctl.8.xml:5 #: sssd-files.5.xml:5 sssd-secrets.5.xml:5 sssd-session-recording.5.xml:5 #: sssd-kcm.8.xml:5 sssd-systemtap.5.xml:5 msgid "SSSD Manual pages" msgstr "Pages de manuel de SSSD" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 msgid "sss_groupmod" msgstr "sss_groupmod" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sss_groupmod.8.xml:11 pam_sss.8.xml:12 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_override.8.xml:11 #: sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 #: sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 #: sss_cache.8.xml:11 sss_debuglevel.8.xml:11 sss_seed.8.xml:11 #: idmap_sss.8.xml:11 sssctl.8.xml:11 sssd-kcm.8.xml:11 msgid "8" msgstr "8" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupmod.8.xml:16 msgid "modify a group" msgstr "modifier un groupe" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupmod.8.xml:21 msgid "" "<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" "<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><title> #: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:57 #: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sss-certmap.5.xml:21 #: sssd-ipa.5.xml:21 sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 #: sss_obfuscate.8.xml:30 sss_override.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 #: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_seed.8.xml:31 #: sssd-ifp.5.xml:21 sss_ssh_authorizedkeys.1.xml:30 #: sss_ssh_knownhostsproxy.1.xml:31 idmap_sss.8.xml:20 sssctl.8.xml:30 #: sssd-files.5.xml:21 sssd-secrets.5.xml:21 sssd-session-recording.5.xml:21 #: sssd-kcm.8.xml:21 sssd-systemtap.5.xml:21 msgid "DESCRIPTION" msgstr "DESCRIPTION" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupmod.8.xml:32 msgid "" "<command>sss_groupmod</command> modifies the group to reflect the changes " "that are specified on the command line." msgstr "" "<command>sss_groupmod</command> modifie le groupe pour refléter les " "changements spécifiés sur la ligne de commande." #. type: Content of: <reference><refentry><refsect1><title> #: sss_groupmod.8.xml:39 pam_sss.8.xml:64 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 #: sss_cache.8.xml:39 sss_seed.8.xml:42 sss_ssh_authorizedkeys.1.xml:66 #: sss_ssh_knownhostsproxy.1.xml:62 msgid "OPTIONS" msgstr "OPTIONS" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 msgid "" "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" "replaceable>" msgstr "" "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupmod.8.xml:48 msgid "" "Append this group to groups specified by the <replaceable>GROUPS</" "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " "a comma separated list of group names." msgstr "" "Ajouter ce groupe aux groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>. Le paramètre <replaceable>GROUPS</" "replaceable> est une liste séparée par des virgules de noms de groupe." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 msgid "" "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" "replaceable>" msgstr "" "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupmod.8.xml:62 msgid "" "Remove this group from groups specified by the <replaceable>GROUPS</" "replaceable> parameter." msgstr "" "Supprime ce groupe des groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.conf.5.xml:10 sssd.conf.5.xml:16 msgid "sssd.conf" msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sss-certmap.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 #: sssd-krb5.5.xml:11 sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 #: sssd-files.5.xml:11 sssd-secrets.5.xml:11 sssd-session-recording.5.xml:11 #: sssd-systemtap.5.xml:11 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sss-certmap.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 #: sssd-krb5.5.xml:12 sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 #: sssd-files.5.xml:12 sssd-secrets.5.xml:12 sssd-session-recording.5.xml:12 #: sssd-kcm.8.xml:12 sssd-systemtap.5.xml:12 msgid "File Formats and Conventions" msgstr "Formats de fichier et conventions" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd.conf.5.xml:17 msgid "the configuration file for SSSD" msgstr "Le fichier de configuration pour SSSD" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:21 msgid "FILE FORMAT" msgstr "FORMAT DE FICHIER" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:29 #, no-wrap msgid "" "<replaceable>[section]</replaceable>\n" "<replaceable>key</replaceable> = <replaceable>value</replaceable>\n" "<replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" " " msgstr "" "<replaceable>[section]</replaceable>\n" "<replaceable>key</replaceable> = <replaceable>value</replaceable>\n" "<replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" " " #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:24 msgid "" "The file has an ini-style syntax and consists of sections and parameters. A " "section begins with the name of the section in square brackets and continues " "until the next section begins. An example of section with single and multi-" "valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" "Ce fichier utilise la syntaxe de style « .ini » et est constituée de " "sections et de paramètres. Une section commence par le nom de la section " "entre crochets et continue jusqu'à la section suivante. Un exemple de " "section avec des paramètres mono et multi-valués : <placeholder type=" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:36 msgid "" "The data types used are string (no quotes needed), integer and bool (with " "values of <quote>TRUE/FALSE</quote>)." msgstr "" "Les types de données utilisées sont des chaînes (pas de guillemets " "nécessaires), des entiers et des booléens (ayant pour valeur <quote>TRUE/" "FALSE</quote>)." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 msgid "" "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>). Inline comments are not supported." msgstr "" "Un commentaire de ligne commence par un octothorpe (<quote>#</quote>) ou un " "point-virgule (<quote>;</quote>). Les commentaires au sein d'une ligne ne " "sont pas pris en charge." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:47 msgid "" "All sections can have an optional <replaceable>description</replaceable> " "parameter. Its function is only as a label for the section." msgstr "" "Toutes les sections peuvent avoir un paramètre facultatif de " "<replaceable>description</replaceable>. Sa fonction ne sert qu'à nommer la " "section." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:53 msgid "" "<filename>sssd.conf</filename> must be a regular file, owned by root and " "only root may read from or write to the file." msgstr "" "<filename>sssd.conf</filename> doit être un fichier normal, appartenant à " "root, et seul root doit pouvoir écrire et lire ce fichier." #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:59 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:62 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" "filename>. This feature is available if SSSD was compiled with libini " "version 1.3.0 or later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:69 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " "(<quote>.</quote>) will be used together with <filename>sssd.conf</filename> " "to configure SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:77 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " "<filename>sssd.conf</filename> when conflicts occur. If several snippets are " "present in <filename>conf.d</filename>, then they are included in " "alphabetical order (based on locale). Files included later have higher " "priority. Numerical prefixes (<filename>01_snippet.conf</filename>, " "<filename>02_snippet.conf</filename> etc.) can help visualize the priority " "(higher number means higher priority)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:91 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>. Which are by default root:root and 0600." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:98 msgid "GENERAL OPTIONS" msgstr "OPTIONS GÉNÉRALES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:100 msgid "Following options are usable in more than one configuration sections." msgstr "" "Les options qui suivent peuvent être utilisées dans plus d'une section de " "configuration." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:104 msgid "Options usable in all sections" msgstr "Options utilisables dans toutes les sections" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:108 msgid "debug_level (integer)" msgstr "debug_level (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:112 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:115 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " "are specified, the value of <replaceable>debug_level</replaceable> will be " "used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:125 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:128 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" "Ajoute un horodatage aux messages de débogage. Si journald est activé pour " "la journalisation de débogage de SSSD, cette option sera ignorée." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 #: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 #: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 #: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Par défaut : true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:138 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:141 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" "Ajouter les microsecondes à l'horodatage dans les messages de débogage. Si " "journald est activé pour la journalisation de débogage de SSSD, cette option " "sera ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 #: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 #: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 #: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 #: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:155 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Options utilisables dans les sections SERVICE et DOMAIN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:159 msgid "timeout (integer)" msgstr "timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:162 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " "that after three missed heartbeats the process will terminate itself." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 #: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Par défaut : 10" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:179 msgid "SPECIAL SECTIONS" msgstr "SECTIONS SPÉCIALES" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:182 msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> #: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 msgid "Section parameters" msgstr "Paramètres de sections" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:193 msgid "config_file_version (integer)" msgstr "config_file_version (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:196 msgid "" "Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " "version 2." msgstr "" "Indique la syntaxe du fichier de configuration. Pour SSSD 0.6.0 ou " "supérieure utiliser la version 2." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:202 msgid "services" msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:205 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " "platforms where systemd is supported, as they will either be socket or dbus " "activated when needed. </phrase>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:214 msgid "" "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> " "<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition=" "\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</" "phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" msgstr "" "Les services pris en charge : nss, pam <phrase condition=\"with_sudo\">, " "sudo</phrase> <phrase condition=\"with_autofs\"> ,autofs</phrase> <phrase " "condition=\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder" "\">, pac</phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:222 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " "\"systemctl enable sssd-@service@.socket\". </phrase>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:231 sssd.conf.5.xml:613 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:234 sssd.conf.5.xml:616 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" "Nombre d'essais de reconnection ou de redémarrage que les services doivent " "effectuer dans le cas d'un plantage du fournisseur de données avant " "d'abandonner" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:239 sssd.conf.5.xml:621 msgid "Default: 3" msgstr "Par défaut : 3" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:244 msgid "domains" msgstr "domaines" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:247 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " "start. This parameter describes the list of domains in the order you want " "them to be queried. A domain name should only consist of alphanumeric ASCII " "characters, dashes, dots and underscores." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 msgid "re_expression (string)" msgstr "re_expression (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:262 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" "L'expression régulière par défaut qui décrit la manière d'analyser la chaîne " "contenant le nom d'utilisateur et de domaine dans ces composants." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:267 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " "for more info on these regular expressions." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " "fully qualified name from user name and domain name components." msgstr "" "Un format compatible avec<citerefentry> <refentrytitle>printf</" "refentrytitle> <manvolnum>3</manvolnum> </citerefentry> décrivant comment " "composer un domaine pleinement qualifé à partir des noms d'utilisateur et de " "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 msgid "user name" msgstr "nom d'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 msgid "domain name as specified in the SSSD config file." msgstr "" "nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" "nom de domaine à plat. Utilisable principalement pour les domaines Active " "Directory, configurés directement ou découverts via les relations " "d'approbation IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" "Les expansions suivantes sont prises en charge : <placeholder type=" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" "Each domain can have an individual format string configured. see DOMAIN " "SECTIONS for more info on this option." msgstr "" "Chaque domaine peut avoir une chaîne de format individuelle configurée. " "Voir les SECTIONS DOMAINE pour plus d'informations sur cette option." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 msgid "try_inotify (boolean)" msgstr "try_inotify (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 msgid "" "SSSD monitors the state of resolv.conf to identify when it needs to update " "its internal DNS resolver. By default, we will attempt to use inotify for " "this, and will fall back to polling resolv.conf every five seconds if " "inotify cannot be used." msgstr "" "SSSD gère l'état de resolv.conf pour identifier les besoins de mise à jour " "des résolutions DNS internes. Par défaut, l'utilisation de inotify sera " "tentée, et reviendra à une interrogation de resolv.conf toutes les cinq " "secondes si inotify échoue." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:333 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " "to 'false'" msgstr "" "Il existe quelques cas spécifiques où l'utilisation de inotify n'est pas " "conseillée. Dans ces rares cas, cette option devrait être définie à « false »" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:339 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" "Par défaut : true sur les plates-formes où inotify est pris en charge. False " "sur les autres plates-formes." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:343 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" "Note : cette option n'aura aucun effet sur les plateformes où inotify n'est " "pas disponible. Sur celles-ci, l'interrogation régulière sera toujours " "utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:350 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:353 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" "Répertoire du système de fichiers où SSSD doit stocker les fichiers de cache " "de rejeu Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:357 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" "Cette option accepte une valeur spéciale __LIBKRB5_DEFAULTS__ qui indiquera " "à SSSD de laisser libkrb5 décider l'emplacement approprié pour le cache de " "relecture." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:363 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" "Par défaut : paramètre spécifique à la distribution et spécifié au moment de " "la construction du logiciel. (__LIBKRB5_DEFAULTS__ si non configuré)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:370 msgid "user (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:373 msgid "" "The user to drop the privileges to where appropriate to avoid running as the " "root user. <phrase condition=\"have_systemd\"> This option does not work " "when running socket-activated services, as the user set up to run the " "processes is set up during compilation time. The way to override the " "systemd unit files is by creating the appropriate files in /etc/systemd/" "system/. Keep in mind that any change in the socket user, group or " "permissions may result in a non-usable SSSD. The same may occur in case of " "changes of the user running the NSS responder. </phrase>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:391 msgid "Default: not set, process will run as root" msgstr "Par défaut : non défini, le processus tourne en tant que root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:396 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:399 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " "domain is intended for managing host policies and all users are located in a " "trusted domain. The option allows those users to log in just with their " "user name without giving a domain name as well." msgstr "" "Cette chaîne servira comme nom de domaine par défaut pour tous les noms sans " "composant de nom de domaine. Les principaux cas d'utilisation sont les " "environnements où le domaine principal va permettre de gérer les politiques " "de systèmes ainsi que tous les utilisateur provenant d'un domaine approuvé. " "L'option permet à ces utilisateurs de se connecter sans fournir un nom de " "domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:409 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " "Setting this option changes default of use_fully_qualified_names to True. It " "is not allowed to use this option together with use_fully_qualified_names " "set to False." msgstr "" "Noter que, si cette option est définie, tous les utilisateurs du domaine " "principal doivent utiliser leur nom pleinement qualifié, par exemple " "user@domain.name, pour se connecter. L'utilisation de cette option modifie " "la valeur par défaut de use_fully_qualified_names à True. Il n'est pas " "possible ni autorisé d'utiliser cette option avec l'option " "use_fully_qualified_names à False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 #: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 #: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 #: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "Par défaut : non défini" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:423 msgid "override_space (string)" msgstr "override_space (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:426 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " ""john_doe" This feature was added to help compatibility with shell " "scripts that have difficulty handling spaces, due to the default field " "separator in the shell." msgstr "" "Ce paramètre remplace les espaces avec le caractère indiqués pour les noms " "d'utilisateurs et de groupes, par ex. (_). Ainsi, le nom "john " "doe" deviendra "john_doe". Cette fonctionnalité a été ajoutée " "pour aider à la compatibilité avec les scripts shells qui ont des " "difficultés à gérer les espaces, du fait que l'espace est le séparateur par " "défaut de l'interpréteur de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:435 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " "character SSSD tries to return the unmodified name but in general the result " "of a lookup is undefined." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:443 msgid "Default: not set (spaces will not be replaced)" msgstr "Par défaut : non défini (les espaces ne seront pas remplacées)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:448 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:456 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:458 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " "the client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:466 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:468 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:474 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:476 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " "default responder e.g. http://example.com:80/ocsp." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:482 msgid "" "This option must be used together with ocsp_default_responder_signing_cert." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:490 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:492 msgid "" "The nickname of the cert to trust (expected) to sign the OCSP responses. " "The certificate with the given nickname must be available in the systems NSS " "database." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:497 msgid "This option must be used together with ocsp_default_responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:504 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:507 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:513 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:516 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:521 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:526 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:531 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:534 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:548 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:551 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " "domains as the missing domains will be looked up based on the order they're " "presented in the <quote>domains</quote> configuration option. The " "subdomains which are not listed as part of <quote>lookup_order</quote> will " "be looked up in a random order for each parent domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:563 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input. In case " "the administrator wants the output not fully-qualified, the full_name_format " "option can be used as shown below: <quote>full_name_format=%1$s</quote> " "However, keep in mind that during login, login applications often " "canonicalize the username by calling <citerefentry> <refentrytitle>getpwnam</" "refentrytitle> <manvolnum>3</manvolnum> </citerefentry> which, if a " "shortname is returned for a qualified input (while trying to reach a user " "which exists in multiple domains) might re-route the login attempt into the " "domain which users shortnames, making this workaround totally not " "recommended in cases where usernames may overlap between domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 #: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 msgid "Default: Not set" msgstr "Par défaut : non défini" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:184 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " "managed by a special service frequently called <quote>monitor</quote>. The " "<quote>[sssd]</quote> section is used to configure the monitor as well as " "some other important options like the identity domains. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" "Les fonctionnalités propres à SSSD sont fournies par des services " "spécifiques SSSD, qui sont démarrés et arrêtés en même temps que SSSD. Les " "services sont gérés par un service spécifique souvent appelé le " "<quote>moniteur</quote>. La section <quote>[sssd]</quote> est utilisée pour " "configurer le moniteur ainsi que certaines options importantes comme " "l'identité des domaines. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:598 msgid "SERVICES SECTIONS" msgstr "SECTIONS DE SERVICES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:600 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " "section, for example, for NSS service, the section would be <quote>[nss]</" "quote>" msgstr "" "Les options utilisables pour configurer les différents services sont " "décrites dans cette section. Ils doivent être situés dans la section " "[<replaceable>$NAME</replaceable>], par exemple pour le service NSS, la " "section doit être <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:607 msgid "General service configuration options" msgstr "Options générales de configuration de service" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:609 msgid "These options can be used to configure any service." msgstr "Ces options peuvent être utilisées pour configurer les services." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:626 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:629 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " "the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " "systems without this capability, the resulting value will be the lower value " "of this or the limits.conf \"hard\" limit." msgstr "" "Cette option spécifie le nombre maximal de descripteurs de fichiers qui " "peuvent être ouverts en même temps par ce processus SSSD. Sur les systèmes " "où SSSD se voit accorder la capacité CAP_SYS_RESOURCE, ce sera une limite " "absolue. Sur les systèmes sans cette capacité, la valeur résultante sera la " "valeur inférieure ou la limite « hard » de limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:638 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Par défault : 8192 (ou la limite « hard » de limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:643 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:646 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system. The timeout " "can't be shorter than 10 seconds. If a lower value is configured, it will be " "adjusted to 10 seconds." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 #: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 msgid "Default: 60" msgstr "Par défaut : 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:660 msgid "offline_timeout (integer)" msgstr "offline_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:663 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. This " "value is in seconds and calculated by the following:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:670 msgid "offline_timeout + random_offset" msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:673 msgid "" "The random offset can increment up to 30 seconds. After each unsuccessful " "attempt to go online, the new interval is recalculated by the following:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:678 msgid "new_interval = old_interval*2 + random_offset" msgstr "new_interval = old_interval*2 + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:681 msgid "" "Note that the maximum length of each interval is currently limited to one " "hour. If the calculated length of new_interval is greater than an hour, it " "will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:692 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:695 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " "built with systemd support and when services are either socket or dbus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:714 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:717 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:729 msgid "NSS configuration options" msgstr "Options de configuration NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:731 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" "Ces options peuvent être utilisées pour configurer le service Name Service " "Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:736 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:739 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" "La durée en secondes pendant laquelle nss_sss doit mettre en cache les " "énumérations (requêtes sur les informations de tous les utilisateurs)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:743 msgid "Default: 120" msgstr "Par défaut : 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:748 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:751 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " "for the domain." msgstr "" "La valeur du cache peut être définie pour mettre à jour automatiquement les " "entrées en arrière plan si la requête ne dépasse pas un pourcentage de la " "valeur de entry_cache_timeout pour le domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:757 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " "after 15 seconds past the last cache update will be returned immediately, " "but the SSSD will go and update the cache on its own, so that future " "requests will not need to block waiting for a cache update." msgstr "" "Par exemple, si la valeur entry_cache_timeout du domaine est à 30 secondes " "et que entry_cache_nowait_percentage est à 50 (%), les entrées qui veulent " "mettre à jour le cache après 15 secondes seront renvoyées immédiatement, " "mais SSSD continuera et mettra à jour le cache de lui-même. Ainsi, les " "prochaines requêtes ne seront pas bloquées en attendant une mise à jour du " "cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:767 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " "percentage will never reduce the nowait timeout to less than 10 seconds. (0 " "disables this feature)" msgstr "" "Les valeurs autorisées pour cette option vont de 0 à 99 et représentent un " "pourcentage de la valeur entry_cache_timeout pour chaque domaine. Pour des " "raisons de performance, ce pourcentage ne réduira jamais le délai d'attente " "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 msgid "Default: 50" msgstr "Par défaut : 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:780 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:783 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " "before asking the back end again." msgstr "" "Spécifie le temps, en secondes, pendant lequel nss_sss doit mettre en cache " "les résultats négatifs du cache (c'est-à-dire les requêtes pour les bases de " "données invalides, comme celles qui n'existent pas) avant de faire à nouveau " "appel au moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 msgid "Default: 15" msgstr "Par défaut : 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:794 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:797 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:807 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:810 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " "from the particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:817 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " "NSS. E.g. a group having a member group filtered out will still have the " "member users of the latter listed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:825 msgid "Default: root" msgstr "Par défaut : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:830 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:833 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" "Mettre cette option à « false » si les utilisateurs filtrés doivent rester " "membres de groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:844 msgid "fallback_homedir (string)" msgstr "fallback_homedir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:847 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" "Définir un modèle par défaut pour un répertoire utilisateur si aucun n'est " "explicitement spécifié par le fournisseur de données du domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:852 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" "Les valeurs disponibles pour cette option sont les mêmes que pour " "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> #: sssd.conf.5.xml:858 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" " " msgstr "" "fallback_homedir = /home/%u\n" " " #. type: Content of: <varlistentry><listitem><para> #: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:862 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Par défaut : non défini (aucune substitution pour les répertoires d'accueil " "non définis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:868 msgid "override_shell (string)" msgstr "override_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:871 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " "or per-domain." msgstr "" "Écrase l'interpréteur de commande à utiliser pour tous les utilisateurs. " "Cette option prend le pas sur toutes les autres options d'interpréteur de " "commande si elle est en action, et peut être indiquée au choix soit dans la " "section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:877 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:883 msgid "allowed_shells (string)" msgstr "allowed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:886 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" "Restreindre l'interpréteur de commandes de l'utilisateur à l'une des valeurs " "indiquées. L'ordre d'évaluation est :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:889 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</" "quote>, il est utilisé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:893 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" "2. Si l'interpréteur de commandes est dans la liste « allowed_shells » mais " "n'est pas dans <quote>/etc/shells</quote>, la valeur de repli de « " "shell_fallback » sera utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:898 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" "3. Si l'interpréteur de commandes n'est ni dans la liste « allowed_shells » " "ni dans <quote>/etc/shells</quote>, une connexion sans shell est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:903 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:906 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " "allowed shells in allowed_shells would be to much overhead." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:913 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Une chaîne vide pour l'interpréteur de commandes est passée telle quelle est " "à la libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:916 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" "Le fichier <quote>/etc/shells</quote> n'est lu qu'au démarrage de SSSD. Un " "redémarrage de SSSD est nécessaire si un nouvel interpréteur de commandes " "est installé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:920 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est " "utilisé automatiquement." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:925 msgid "vetoed_shells (string)" msgstr "vetoed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:928 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" "Remplace toutes les occurences de ces interpréteurs de commandes par " "l'interpréteur de commandes par défaut" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:933 msgid "shell_fallback (string)" msgstr "shell_fallback (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:936 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" "L'interpréteur de commandes par défaut à utiliser si un interpréteur de " "commandes autorisé n'est pas installé sur la machine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:940 msgid "Default: /bin/sh" msgstr "Par défaut : /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:945 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:948 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" "L'interpréteur de commande par défaut à utiliser si le fournisseur n'en " "renvoie pas un lors de la recherche. Cette option peut être indiquée au " "choix soit dans la section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:954 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" "Par défaut : non défini (retourne NULL si aucun shell n'est spécifié et " "s'appuyer sur la libc pour remplacer par quelque chose de sensé lorsque " "nécessaire, habituellement /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" "Spécifie la durée en secondes pendant laquelle la liste de sous-domaines est " "jugée valide." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:973 msgid "memcache_timeout (int)" msgstr "memcache_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:983 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:994 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " "attributes is controlled by this option. It is handled the same way as the " "<quote>user_attributes</quote> option of the InfoPipe responder (see " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for details) but with no default values." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1007 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1012 msgid "Default: not set, fallback to InfoPipe option" msgstr "Par défaut : non défini, repli sur l'option InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1017 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1020 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> #: sssd.conf.5.xml:1025 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Cette option peut aussi être définie pour chaque domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1028 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1036 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1038 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" "Ces options permettent de configurer le service Pluggable Authentication " "Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1043 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1046 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" "Si le fournisseur d'authentification est déconnecté, combien de temps " "autoriser les connexions à partir du cache (en jours depuis la dernière " "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 msgid "Default: 0 (No limit)" msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1057 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1060 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" "Si le fournisseur d'authentification est déconnecté, combien de connexions " "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1070 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1073 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" "Le temps en minutes à attendre après avoir atteint " "offline_failed_login_attempts avant qu'une nouvelle tentative de connexion " "soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1078 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " "authentication can enable offline authentication again." msgstr "" "Si la valeur est à 0, l'utilisateur ne peut s'authentifier en mode " "déconnecté si offline_failed_login_attempts est atteint. Seulement une " "connexion réussie en ligne peut réactiver l'authentification." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 msgid "Default: 5" msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1090 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1093 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" "Contrôle le type de messages affichés à l'utilisateur pendant le processus " "d'authentification. Plus le nombre est grand, plus le nombre de messages " "affichés sera important." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1098 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1101 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1104 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1108 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1111 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1115 sssd.8.xml:63 msgid "Default: 1" msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1121 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1124 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " "responses sent to pam_sss e.g. messages displayed to the user or environment " "variables which should be set by pam_sss." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1132 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1139 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1140 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1143 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1144 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1148 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1149 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1137 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1159 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1165 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1168 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " "ensure that authentication takes place with the latest information." msgstr "" "Lors de chaque requête PAM quand SSSD est en mode connecté, SSSD tentera de " "mettre à jour immédiatement les informations d'identité mises en cache pour " "l'utilisateur de manière à s'assurer que l'authentification se fasse avec " "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1174 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" "client-application basis) how long (in seconds) we can cache the identity " "information to avoid excessive round-trips to the identity provider." msgstr "" "Une conversation PAM complète peut effectuer plusieurs requêtes PAM, comme " "la gestion de compte et l'ouverture de session. Cette option contrôle (par " "client et par application) la durée (en secondes) de mise en cache des " "informations d'identité afin d'éviter de nombreux aller-retour avec le " "fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1188 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant l'expiration du mot de passe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1194 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " "cannot display a warning." msgstr "" "Noter que le moteur du service doit fournir des informations à propos du " "délai d'expiration du mot de passe. Si cette information est manquante, sssd " "ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" "Si la valeur est zéro, ce filtre n'est pas appliqué, c'est-à-dire que si " "l'avertissement d'expiration est reçu de la part du moteur du serveur, il " "sera automatiquement affiché." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1205 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" "Ce paramètre peut être surchargé par le paramètre " "<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1227 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1230 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " "included in this list can only access domains marked as public with " "<quote>pam_public_domains</quote>. User names are resolved to UIDs at " "startup." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1240 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1244 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1251 msgid "pam_public_domains (string)" msgstr "pam_public_domains (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1254 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1258 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Deux valeurs spéciales pour l'option pam_public_domains sont définies :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1262 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" "all (tous les utilisateurs non dignes de confiance sont autorisés à accéder " "à tous les domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1266 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" "none (les utilisateurs non dignes de confiance, Untrusted, ne sont pas " "autorisés à accéder à un des domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 #: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 msgid "Default: none" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1275 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1278 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1283 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> #: sssd.conf.5.xml:1291 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1300 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1303 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> #: sssd.conf.5.xml:1310 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1319 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1322 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " "authentication process this option is disabled by default." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 #: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Par défaut : False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1333 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1336 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1340 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1345 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1348 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1357 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1360 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1373 msgid "SUDO configuration options" msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1375 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to work with " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry> are in the manual page <citerefentry> <refentrytitle>sssd-" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" "Ces options peuvent être utilisées pour configurer le service sudo. Les " "directives de configuration de <citerefentry> <refentrytitle>sudo</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> dans <citerefentry> " "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " "sont détaillées dans la page de manuel <citerefentry> <refentrytitle>sssd-" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1392 msgid "sudo_timed (bool)" msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1395 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" "Évaluation ou non des attributs sudoNotBefore et sudoNotAfter qui utilisent " "les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1407 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1410 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " "<quote>rules refresh</quote> mechanism. If the threshold is exceeded a " "<quote>full refresh</quote> of sudo rules is triggered instead. This " "threshold number also applies to IPA sudo command and command group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1429 msgid "AUTOFS configuration options" msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1431 msgid "These options can be used to configure the autofs service." msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1435 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1438 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" "Spécifie le délai en secondes pendant lequel le répondeur autofs stocke les " "réponses négatives (autrement dit, les requêtes pour les entrées de mappage " "non valide, comme celles qui n'existent pas) avant de demander à nouveau au " "moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1454 msgid "SSH configuration options" msgstr "Options de configuration SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1456 msgid "These options can be used to configure the SSH service." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le service SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1460 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1463 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1472 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1475 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" "La durée en secondes pendant laquelle conserver un système dans le fichier " "known_hosts géré après que ses clés de système ont été demandés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1479 msgid "Default: 180" msgstr "Par défaut : 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1484 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1487 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1492 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1500 msgid "PAC responder configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1502 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " "PAC data during a GSSAPI authentication to the PAC responder. The sub-domain " "provider collects domain SID and ID ranges of the domain the client is " "joined to and of remote trusted domains from the local domain controller. If " "the PAC is decoded and evaluated some of the following operations are done:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:1511 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " "GID will have the same value as the UID. The home directory is set based on " "the subdomain_homedir parameter. The shell will be empty by default, i.e. " "the system defaults are used, but can be overwritten with the default_shell " "parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:1519 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" "S'il y a des SID de groupes des domaines connus de sssd, l'utilisateur sera " "ajouté à ces groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1525 msgid "These options can be used to configure the PAC responder." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1532 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " "startup." msgstr "" "Spécifie la liste séparée par des virgules des UID ou noms d'utilisateurs " "qui sont autorisés à accéder au répondeur PAC. Les noms d'utilisateurs " "seront résolus en UID au démarrage." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1538 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur " "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1542 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " "access the PAC responder, which would be the typical case, you have to add 0 " "to the list of allowed UIDs as well." msgstr "" "Noter que bien que l'UID 0 est utilisé par défaut, il sera remplacé par " "cette option. Si vous voulez continuer à permettre à l'utilisateur root à " "accéder au répondeur PAC, ce qui serait un cas habituel, vous devez ajouter " "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1551 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1554 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1567 #, fuzzy #| msgid "PAC responder configuration options" msgid "Session recording configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1569 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the AD provider for " #| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" #| "manvolnum> </citerefentry>. For a detailed syntax reference, refer to " #| "the <quote>FILE FORMAT</quote> section of the <citerefentry> " #| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" #| "citerefentry> manual page." msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry>, a part of tlog package, to log what users see and type when " "they log in on a text terminal. See also <citerefentry> <refentrytitle>sssd-" "session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" "Cette page de manuel décrit la configuration du fournisseur AD pour " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. Pour une référence détaillée sur la syntaxe, cf. la section " "<quote>FORMAT DE FICHIER</quote> de la page de manuel <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1582 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "Ces options peuvent être utilisées pour configurer les services." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "user (string)" msgid "scope (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 #, fuzzy #| msgid "none" msgid "\"none\"" msgstr "none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this user to groups specified by the <replaceable>GROUPS</" #| "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter " #| "is a comma separated list of group names." msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" "Ajouter cet utilisateur aux groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>. Le paramètre <replaceable>GROUPS</" "replaceable> est une liste séparée par des virgules de noms de groupes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder type=\"variablelist" #| "\" id=\"0\"/>" msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Les expansions suivantes sont prises en charge : <placeholder type=" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "user (string)" msgid "users (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " "replacement, case changes, etc." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "Par défaut : vide, ldap_uri est donc utilisé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "user (string)" msgid "groups (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " "possible space replacement, case changes, etc." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " "retrieving and matching the groups the user is member of." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:1668 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1675 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1678 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " "be present or generated. Only objects from POSIX domains are available to " "the operating system interfaces and utilities." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1686 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1690 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>) and the PAM responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1698 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1702 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1706 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1712 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1715 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" "Limites UID et GID pour le domaine. Si un domaine contient une entrée en " "dehors de ces limites, elle est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1720 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" "primary group memberships, those that are in range will be reported as " "expected." msgstr "" "Pour les utilisateurs, cela affecte la limite des GID primaires. " "L'utilisateur ne sera pas renvoyé vers NSS si l'UID ou le GID primaire sont " "en dehors de la plage. Pour l'appartenance à un groupe non primaire, ceux " "qui sont dans la plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1727 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" "Ces limites d'identifiants affecte aussi les mises en cache des entrées, et " "pas seulement leur recherche par nom ou identifiant." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1731 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1737 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1740 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" "Détermine si un domaine peut être énuméré. Ce paramètre peut avoir une des " "valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1744 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1747 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1753 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " "to fully complete enumerations. During this time, individual requests for " "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " "memberships have to be recomputed." msgstr "" "Note : activer l'énumération a un impact modéré sur les performances de SSSD " "lorsque l'énumération est en cours. Plusieurs minutes peuvent être " "nécessaires après le démarrage de SSSD pour terminer l'énumération complète. " "Pendant ce temps, les requêtes individuelles pour des informations iront " "directement vers LDAP, bien que plus lent et ce à cause de la charge " "importante liée au processus d'énumération. Le fait de mettre un grand " "nombre d'entrées en cache lorsque l'énumération est terminée peut être " "également intensif pour le CPU, car les appartenances aux groupes doivent " "être recalculées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1766 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" "Lorsque la première énumération est en cours, les requêtes pour des listes " "utilisateurs ou de groupes peuvent retourner des résultats vides avant que " "l'énumération ne se termine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1771 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " "enumeration lookups are completed successfully. For more information, refer " "to the man pages for the specific id_provider in use." msgstr "" "De plus, activer l'énumération peut augmenter le temps nécessaire pour " "détecter la déconnexion d'un réseau, puisque des délais d'attente supérieurs " "sont nécessaires pour s'assurer que les requêtes d'énumération se terminent " "avec succès. Pour plus d'informations, se référer au manuel pour le " "fournisseur d'identité spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1779 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" "Pour les raisons citées plus haut, l'activation de l'énumération est " "déconseillée, surtout dans les environnements de grande taille." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1787 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1794 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1795 msgid "All discovered trusted domains will be enumerated" msgstr "Tous les domaines approuvés découverts seront énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1798 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1799 msgid "No discovered trusted domains will be enumerated" msgstr "Aucun domaine approuvé découvert ne sera énuméré" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1790 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " "Optionally, a list of one or more domain names can enable enumeration just " "for these trusted domains." msgstr "" "Les domaines approuvés auto-détectés doivent-ils être énumérés ?\n" "Les valeurs prises en charge sont : <placeholder type=\"variablelist\" id=" "\"0\"/> \n" "De manière facultative, une liste d'un ou plusieurs noms de domaines peut " "activer l'énumération pour ces seuls domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1813 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1816 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées " "comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1820 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " "for newly added or expired entries. You should run the <citerefentry> " "<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry> tool in order to force refresh of entries that have already " "been cached." msgstr "" "Les horodatages d'expiration de cache sont stockés en tant qu'attributs des " "objets individuels dans le cache. Il en découle que la modification du délai " "d'expiration du cache ne sera pris en compte que pour les entrées qui y sont " "nouvellement ajoutées, ou pour celles qui ont expiré. Vous devriez utiliser " "l'outil <citerefentry> <refentrytitle>sss_cache</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> de manière à forcer un " "rafraîchissement des entrées qui sont déjà en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1833 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1839 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1842 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées " "d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 #: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 #: sssd.conf.5.xml:1926 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1852 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1855 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " "groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1865 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1868 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " "netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1878 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1881 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " "service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1891 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1894 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" "La durée en secondes pendant laquelle sudo doit considérer les règles comme " "valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1904 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1907 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" "La durée en secondes pendant laquelle le service autofs doit considérer les " "cartes d'automontage comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1918 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1921 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" "La durée en secondes pendant laquelle conserver une clé ssh d'hôte après " "rafraichissement. I.e. combien de temps mettre la clé en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1932 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1935 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" "Indique la durée en secondes pendant laquelle SSSD doit attendre avant de " "déclencher une tâche en arrière-plan qui rafraichira tous les " "enregistrements expirés ou sur le point de l'être." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1940 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1944 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 msgid "Default: 0 (disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1954 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1957 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les données d'identification de l'utilisateur sont aussi mis en " "cache dans le cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1961 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Les informations d'identification utilisateur sont stockées dans une table " "de hachage SHA512, et non en texte brut" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1971 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1974 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1981 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1986 msgid "Default: 8" msgstr "Par défaut : 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1992 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1995 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " "value of this parameter must be greater than or equal to " "offline_credentials_expiration." msgstr "" "Durée en jours pendant laquelle les entrées sont stockées dans le cache " "après la dernière connexion réussie, avant d'être enlevées lors du nettoyage " "du cache. 0 signifie qu'elles sont conservées indéfiniment. La valeur de ce " "paramètre doit être supérieur ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2002 msgid "Default: 0 (unlimited)" msgstr "Par défaut : 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2007 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2018 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " "cannot display a warning. Also an auth provider has to be configured for the " "backend." msgstr "" "Veuillez noter que le moteur du service doit fournir des informations à " "propos du délai d'expiration du mot de passe. Si cette information est " "manquante, sssd ne peut afficher de message d'alerte. De plus, un " "fournisseur oauth doit être configuré pour le moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2025 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2031 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2034 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" "Le fournisseur d'identification utilisé pour le domaine. Les fournisseurs " "d'identification pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2038 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "<quote>proxy</quote> : prise en charge de l'ancien fournisseur NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" "<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2045 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on configuring LDAP." msgstr "" "<quote>ldap</quote> : fournisseur LDAP. Cf. " "<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration de " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 #: sssd.conf.5.xml:2276 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " "FreeIPA." msgstr "" "<quote>ipa</quote> : fournisseur FreeIPA et Red Hat Enterprise Identity " "Management. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> pour plus d'informations sur la " "configuration de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 #: sssd.conf.5.xml:2285 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Active Directory." msgstr "" "<quote>ad</quote> : fournisseur Active Directory. Cf. " "<citerefentry><refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration " "d'Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2073 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2076 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" "Utiliser le nom complet et le domaine (comme formaté par le paramètre " "full_name_format du domaine) comme nom de connexion de l'utilisateur " "communiqué à NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2081 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " "<command>getent passwd test</command> wouldn't find the user while " "<command>getent passwd test@LOCAL</command> would." msgstr "" "Si défini à TRUE, toutes les requêtes pour ce domaine doivent utiliser des " "noms pleinement qualifiés. Par exemple, pour un utilisateur « test » dans un " "domaine LOCAL, <command>getent passwd test</command> ne trouvera pas " "l'utilisateur avant que <command>getent passwd test@LOCAL</command> ne le " "trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2089 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " "will be searched when an unqualified name is requested." msgstr "" "NOTE : Cette option n'a pas d'effet sur les recherches de netgroups, du fait " "de leur tendance à inclure des groupes imbriqués sans noms qualifiés. Pour " "les netgroups, la recherche se fera dans tous les domaines lorsqu'un nom non " "qualifié sera demandé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2096 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Par défaut : false (true si default_domain_suffix est utilisée)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2102 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2105 msgid "Do not return group members for group lookups." msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2108 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " "calls, such as <citerefentry> <refentrytitle>getgrnam</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry> or <citerefentry> " "<refentrytitle>getgrgid</refentrytitle> <manvolnum>3</manvolnum> </" "citerefentry>. As an effect, <quote>getent group $groupname</quote> would " "return the requested group as if it was empty." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2126 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " "members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2137 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2140 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" "Le fournisseur d'authentification utilisé pour le domaine. Les fournisseurs " "pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" "<quote>ldap</quote> pour une authentification LDAP native. Cf. " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour plus d'informations sur la configuration de " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2151 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" "<quote>krb5</quote> pour une authentification Kerberos. Cf. <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2175 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> pour relayer l'authentification vers d'autres cibles " "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2182 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2185 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" "Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2191 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2194 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " "Internal special providers are:" msgstr "" "Le fournisseur de contrôle d'accès utilisé pour le domaine. Il y a deux " "fournisseurs d'accès natifs (en plus de ceux disponibles dans les moteurs " "installés). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2200 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" "<quote>permit</quote> toujours autoriser l'accès. C'est le seul fournisseur " "d'accès autorisé pour un domaine local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2203 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> toujours refuser les accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2230 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for more information on configuring the simple " "access module." msgstr "" "Contrôle d'accès <quote>simple</quote> basé sur des listes d'autorisations " "ou de refus d'accès. Cf. <citerefentry> <refentrytitle>sssd-simple</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> pour plus " "d'informations sur la configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2237 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" "citerefentry> for more information on configuring Kerberos." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2244 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2247 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2252 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2255 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" "Le fournisseur qui doit gérer le changement des mots de passe pour le " "domaine. Les fournisseurs pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2260 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2268 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" "<quote>krb5</quote> pour changer le mot de passe Kerberos. Cf. " "<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour plus d'informations sur la configuration de " "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2293 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "<quote>proxy</quote> pour relayer le changement de mot de passe vers une " "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2297 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> pour désactiver explicitement le changement de mot de " "passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2300 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" "Par défaut : <quote>auth_provider</quote> est utilisé si il est défini et " "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2307 msgid "sudo_provider (string)" msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2310 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " "charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2314 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" "<quote>ldap</quote> pour les règles stockés dans LDAP. Voir " "<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration de " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2322 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" "<quote>ipa</quote> identiqué à <quote>ldap</quote> mais avec les paramètres " "par défaut pour IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2326 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" "<quote>ipa</quote> identiqué à <quote>ldap</quote> mais avec les paramètres " "par défaut pour AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2330 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 #: sssd.conf.5.xml:2501 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2337 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>. There are many configuration " "options that can be used to adjust the behavior. Please refer to " "\"ldap_sudo_*\" in <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2354 msgid "selinux_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2357 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " "providers are:" msgstr "" "Le fournisseur qui doit gérer le chargement des paramètres de selinux. " "Remarque : ce fournisseur sera appelé juste après la fin de l'appel au " "fournisseur d'accès. Les fournisseurs selinux pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2363 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" "<quote>ipa</quote> pour charger les paramètres selinux depuis un serveur " "IPA. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration de " "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2371 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> n'autorise pas la récupération explicite des paramètres " "selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2374 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" "Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2380 msgid "subdomains_provider (string)" msgstr "subdomains_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2383 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" "Le fournisseur doit être capable de gérer la récupération des sous-" "domaines. Cette valeur doit être toujours identique à id_provider. Les " "fournisseurs de sous-domaine pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" "<quote>ipa</quote> pour charger une liste de sous-domaines depuis un serveur " "IPA. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration de " "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2398 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " "the AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2407 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> désactive la récupération explicite des sous-domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2417 #, fuzzy #| msgid "selinux_provider (string)" msgid "session_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2420 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " "Commander, which works only with IPA. Supported session providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2427 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2431 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2435 #, fuzzy #| msgid "" #| "Default: <quote>id_provider</quote> is used if it is set and can handle " #| "selinux loading requests." msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" "Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2442 msgid "autofs_provider (string)" msgstr "autofs_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2445 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" "Le fournisseur autofs utilisé pour le domaine. Les fournisseurs autofs pris " "en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2449 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" "<quote>ldap</quote> pour charger les cartes stockées dans LDAP. Cf. " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour plus d'informations sur la configuration de " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2456 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring IPA." msgstr "" "<quote>ipa</quote> pour charger les cartes stockées sur un serveur IPA. Cf. " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour plus d'information sur la configuration de " "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2464 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring the AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2473 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> désactive explicitement autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2483 msgid "hostid_provider (string)" msgstr "hostid_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2486 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" "Le fournisseur utilisé pour récupérer les informations d'identité des " "systèmes. Les fournisseurs de hostid pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2490 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" "<quote>ipa</quote> pour charge l'identité du système stockée sur un serveur " "IPA. Cf. <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> pour plus d'informations sur la " "configuration de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2498 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> désactive explicitement hostid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2511 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " "match either the SSSD configuration domain name, or, in the case of IPA " "trust subdomains and Active Directory domains, the flat (NetBIOS) name of " "the domain." msgstr "" "L'expression rationnelle pour ce domaine qui décrit comment analyser la " "chaîne contenant le nom d'utilisateur et domaine et en extraire ces " "composants. Le « domaine » peut correspondre à soit au nom de domaine de la " "configuration SSSD, ou, dans le cas de relations d'approbations avec des " "sous-domaines IPA ou des domaines Active Directory, le nom plat (NetBIOS) du " "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2520 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" "P<name>[^@\\\\]+)$))</quote> which allows three different styles for " "user names:" msgstr "" "Valeur par défaut pour les fournisseurs AD et IPA : <quote>(((?P<" "domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<" "domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> qui utilisent trois " "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:2525 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:2528 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:2531 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2534 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" "Bien que les deux premiers correspondent à la valeur par défaut en général " "le troisième est introduit pour permettre une intégration facile des " "utilisateurs de domaines Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2539 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " "sign, the domain everything after that\"" msgstr "" "Par défaut : <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "qui se traduit par « peu importe le nom jusqu'au <quote>@</quote>, peu " "importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2545 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " "version 7 or higher can support non-unique named subpatterns." msgstr "" "REMARQUE : la prise en charge de sous-motifs nommés multiples n'est pas " "disponible sur certaines plates-formes (par exemple, RHEL5 et SLES10). " "Seules les plates-formes avec libpcre version 7 ou supérieure peuvent " "prendre en charge les sous-motifs nommés multiples." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2552 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" "REMARQUE ADDITIONNELLE : les anciennes versions de libpcre ne supportent que " "la syntaxe Python (?P<name>) pour nommer les sous-motifs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2599 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2605 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2608 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" "Fournit la possibilité de sélectionner la famille d'adresse préférée à " "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2612 msgid "Supported values:" msgstr "Valeurs prises en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2615 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, " "essayer IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2618 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2621 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter " "IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2624 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2627 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2633 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2636 #, fuzzy #| msgid "" #| "Defines the amount of time (in seconds) to wait for a reply from the DNS " #| "resolver before assuming that it is unreachable. If this timeout is " #| "reached, the domain will continue to operate in offline mode." msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " "If this timeout is reached, the domain will continue to operate in offline " "mode." msgstr "" "Délai (en secondes) d'attente de la réponse du résolveur DNS avant de " "considérer qu'il est injoignable. Si ce délai maximum est atteint, le " "domaine continuera à opérer en mode déconnecté." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2643 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 #: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2654 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2657 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" "Si la découverte de services est utilisé par le moteur, spécifie la partie " "du domaine faisant partie de la requête DNS de découverte de services." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2661 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utiliser la partie du domaine qui est dans le nom de système de " "la machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2667 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2670 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2676 msgid "case_sensitive (string)" msgstr "case_sensitive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2684 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2687 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2693 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2695 msgid "Case insensitive." msgstr "Insensible à la casse." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2699 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2702 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " "protocol names) are still lowercased in the output." msgstr "" "Comme False (insensible à la casse), mais ne convertit pas les noms en " "minuscules lors des opérations NSS. Notez que les alias de noms (et dans le " "cas des services les noms de protocoles) sont toujours en minuscule dans la " "sortie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2679 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2714 msgid "Default: True (False for AD provider)" msgstr "Par défaut : true (false pour le fournisseur AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2720 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2723 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " "Currently the following options can be inherited:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2729 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2732 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2738 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2741 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd.conf.5.xml:2747 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" " " msgstr "" "subdomain_inherit = ldap_purge_cache_timeout\n" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2754 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2761 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2772 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2773 msgid "flat (NetBIOS) name of a subdomain." msgstr "nom plat (NetBIOS) d'un sous-domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2764 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " "possible values. In addition to those, the expansion below can only be used " "with <emphasis>subdomain_homedir</emphasis>. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" "Utiliser ce répertoire utilisateur comme valeur par défaut pour tous les " "sous-domaines dans cette relation d'approbation Active Directory. Voir " "<emphasis>override_homedir</emphasis> pour des informations sur les valeurs " "possibles. En plus de celles-ci, le remplacement ci-dessous ne peut être " "utilisé qu'avec <emphasis>subdomain_homedir</emphasis>. <placeholder type=" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2778 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "La valeur peut être surchargée par l'option <emphasis>override_homedir</" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2782 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2787 msgid "realmd_tags (string)" msgstr "realmd_tags (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2790 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" "Étiquettes diverses stockées par le service de configuration de realmd pour " "ce domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2796 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2799 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " "the online mode." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2805 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2809 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:1670 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Ces options de configuration peuvent être présentes dans la section de " "configuration du domaine, c'est-à-dire dans la section nommée <quote>[domain/" "<replaceable>NAME</replaceable>]</quote> <placeholder type=\"variablelist\" " "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2827 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2830 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible duquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2833 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" "Par défaut : non défini, il faut utiliser une configuration de pam existante " "ou en créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2841 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2844 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " "for example _nss_files_getpwent." msgstr "" "Le nom de la bibliothèque NSS à utiliser dans les domaines proxy. Les " "recherches de fonctions NSS dans la bibliothèque sont sous la forme _nss_" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2854 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2857 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " "name was an alias. Setting this option to true would cause the SSSD to " "perform the ID lookup from cache for performance reasons." msgstr "" "Quand un utilisateur ou un groupe est recherché par son nom dans le " "fournisseur proxy, une deuxième recherche par ID est effectuée pour " "récupérer le nom canonique, dans le cas où le nom demandé serait un alias. " "Cette option positionnée à true active la recherche par l'ID dans le cache " "afin d'améliorer les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2871 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2874 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " "slots, which would cause some issues due to the requests being queued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:2823 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" "Options valides pour les domaines proxy. <placeholder type=\"variablelist\" " "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:2890 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:2892 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " "applications as a gateway to an LDAP directory where users and groups are " "stored. However, contrary to the traditional SSSD deployment where all users " "and groups either have POSIX attributes or those attributes can be inferred " "from the Windows SIDs, in many cases the users and groups in the application " "support scenario have no POSIX attributes. Instead of setting a " "<quote>[domain/<replaceable>NAME</replaceable>]</quote> section, the " "administrator can set up an <quote>[application/<replaceable>NAME</" "replaceable>]</quote> section that internally represents a domain with type " "<quote>application</quote> optionally inherits settings from a tradition " "SSSD domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:2912 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " "application domain and its POSIX sibling domain is set correctly." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> #: sssd.conf.5.xml:2918 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:2920 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2923 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " "application settings that augment or override the <quote>sibling</quote> " "domain settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:2937 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " "through the NSS responder. In addition, the application domain also requests " "the telephoneNumber attribute, stores it as the phone attribute in the cache " "and makes the phone attribute reachable through the D-Bus interface." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> #: sssd.conf.5.xml:2945 #, no-wrap msgid "" "[sssd]\n" "domains = appdom, posixdom\n" "\n" "[ifp]\n" "user_attributes = +phone\n" "\n" "[domain/posixdom]\n" "id_provider = ldap\n" "ldap_uri = ldap://ldap.example.com\n" "ldap_search_base = dc=example,dc=com\n" "\n" "[application/appdom]\n" "inherit_from = posixdom\n" "ldap_user_extra_attrs = phone:telephoneNumber\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:2963 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:2965 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " "<replaceable>id_provider=local</replaceable>." msgstr "" "Cette section contient les paramètres pour le domaine qui stocke les " "utilisateurs et les groupes dans la base de données native SSSD, c'est-à-" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:2972 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2975 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " "outils en espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2979 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:2984 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2987 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" "Les outils ajoutent le nom d'utilisateur à <replaceable>base_directory</" "replaceable> et l'utilisent comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2992 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:2997 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3000 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" "Indique si un dossier personnel doit être créé par défaut pour les nouveaux " "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3009 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3012 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" "Indiquer si un dossier personnel doit par défaut être supprimé à la " "suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3021 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3024 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " "on a newly created home directory." msgstr "" "Utilisé par <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> pour spécifier les permissions par " "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3032 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3037 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3040 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>" msgstr "" "Le répertoire squelette contenant les fichiers et répertoires à copier dans " "le répertoire personnel de l'utilisateur une fois ce répertoire créé par " "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3050 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3055 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3058 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " "default value is used." msgstr "" "Le répertoire de gestion des e-mails. Nécessaire pour manipuler les boîtes e-" "mail quand les comptes utilisateurs sont modifiés ou supprimés. Si non " "précisé, la valeur par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3065 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3070 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3073 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " "return code of the command is not taken into account." msgstr "" "La commande qui est exécutée quand un utilisateur est supprimé. La commande " "a comme seul argument le nom de l'utilisateur qui doit être supprimé. Le " "code en retour de la commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3079 msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:3089 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3091 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" "<replaceable>DOMAIN_NAME</replaceable>/<replaceable>TRUSTED_DOMAIN_NAME</" "replaceable>]</quote>. Where DOMAIN_NAME is the actual joined-to base " "domain. Please refer to examples below for explanation. Currently supported " "options in the trusted domain section are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3098 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3099 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3100 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3101 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3102 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3103 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3104 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3105 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3106 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3108 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:3120 #, no-wrap msgid "" "[sssd]\n" "domains = LDAP\n" "services = nss, pam\n" "config_file_version = 2\n" "\n" "[nss]\n" "filter_groups = root\n" "filter_users = root\n" "\n" "[pam]\n" "\n" "[domain/LDAP]\n" "id_provider = ldap\n" "ldap_uri = ldap://ldap.example.com\n" "ldap_search_base = dc=example,dc=com\n" "\n" "auth_provider = krb5\n" "krb5_server = kerberos.example.com\n" "krb5_realm = EXAMPLE.COM\n" "cache_credentials = true\n" "\n" "min_id = 10000\n" "max_id = 20000\n" "enumerate = False\n" msgstr "" "[sssd]\n" "domains = LDAP\n" "services = nss, pam\n" "config_file_version = 2\n" "\n" "[nss]\n" "filter_groups = root\n" "filter_users = root\n" "\n" "[pam]\n" "\n" "[domain/LDAP]\n" "id_provider = ldap\n" "ldap_uri = ldap://ldap.example.com\n" "ldap_search_base = dc=example,dc=com\n" "\n" "auth_provider = krb5\n" "krb5_server = kerberos.example.com\n" "krb5_realm = EXAMPLE.COM\n" "cache_credentials = true\n" "\n" "min_id = 10000\n" "max_id = 20000\n" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3116 #, fuzzy #| msgid "" #| "The following example shows a typical SSSD config. It does not describe " #| "configuration of the domains themselves - refer to documentation on " #| "configuring domains for more details. <placeholder type=\"programlisting" #| "\" id=\"0\"/>" msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " "configuring domains for more details. <placeholder type=\"programlisting\" " "id=\"0\"/>" msgstr "" "L'exemple suivant montre une configuration SSSD classique. Il ne décrit pas " "la configuration des domaines. Se référer à la documentation sur la " "configuration des domaines pour plus de détails. <placeholder type=" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:3153 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" "use_fully_qualified_names = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3147 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " "domain (ipa.com) has trust with AD domain(ad.com). ad.com has child domain " "(child.ad.com). To enable shortnames in the child domain the following " "configuration should be used. <placeholder type=\"programlisting\" id=\"0\"/" ">" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 msgid "sssd-ldap" msgstr "sssd-ldap" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap.5.xml:17 msgid "SSSD LDAP provider" msgstr "Fournisseur LDAP SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:23 msgid "" "This manual page describes the configuration of LDAP domains for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for detailed syntax information." msgstr "" "Ce manuel décrit la configuration des domaines LDAP pour <citerefentry> " "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry>. Se référer à la section <quote>FILE FORMAT</quote> du manuel " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour des informations sur la syntaxe détaillée." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:35 msgid "You can configure SSSD to use more than one LDAP domain." msgstr "" "Il est possible de configurer SSSD pour utiliser plus d'un domaine LDAP." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:38 msgid "" "LDAP back end supports id, auth, access and chpass providers. If you want to " "authenticate against an LDAP server either TLS/SSL or LDAPS is required. " "<command>sssd</command> <emphasis>does not</emphasis> support authentication " "over an unencrypted channel. If the LDAP server is used only as an identity " "provider, an encrypted channel is not needed. Please refer to " "<quote>ldap_access_filter</quote> config option for more information about " "using LDAP as an access provider." msgstr "" "Le moteur de traitement LDAP prend en charge les fournisseurs id, auth, " "access et chpass. Si vous voulez vous authentifier sur un serveur LDAP, il " "vous faut utiliser TLS/SSL ou LDAPS. <command>sssd</command> <emphasis>ne " "prend pas en charge</emphasis> l'authentification sur un canal non chiffré. " "Si le serveur LDAP est utilisé seulement comme fournisseur d'identité, un " "canal crypté n'est pas nécessaire. Se référer aux options de configurations " "<quote>ldap_access_filter</quote> pour plus d'information sur l'utilisation " "en tant que fournisseur d'accès." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" msgstr "OPTIONS DE CONFIGURATION" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 msgid "ldap_uri, ldap_backup_uri (string)" msgstr "ldap_uri, ldap_backup_uri (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:63 msgid "" "Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " "should connect in the order of preference. Refer to the <quote>FAILOVER</" "quote> section for more information on failover and server redundancy. If " "neither option is specified, service discovery is enabled. For more " "information, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" "Spécifie par ordre de préférence la liste séparée par des virgules d'URI des " "serveurs LDAP auquel doit se connecter SSSD. Se reporter à la section de " "<quote>BASCULE</quote> pour plus d'informations sur le repli et la " "redondance de serveurs. Si aucune de ces options n'est spécifiée, la " "découverte d'un service est activé. Pour plus d'informations, se reporter à " "la section de <quote>DÉCOUVERTE DE SERVICE</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:70 sssd-secrets.5.xml:264 msgid "The format of the URI must match the format defined in RFC 2732:" msgstr "" "Le format de l'URI doit correspondre au format définit dans la RFC 2732 :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:73 msgid "ldap[s]://<host>[:port]" msgstr "ldap[s]://<host>[:port]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:76 msgid "" "For explicit IPv6 addresses, <host> must be enclosed in brackets []" msgstr "" "Pour les adresses explicitement en IPv6, le composant <host> doit être " "entre crochets []" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:79 msgid "example: ldap://[fc00::126:25]:389" msgstr "exemple : ldap://[fc00::126:25]:389" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:85 msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)" msgstr "ldap_chpass_uri, ldap_chpass_backup_uri (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:88 msgid "" "Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " "should connect in the order of preference to change the password of a user. " "Refer to the <quote>FAILOVER</quote> section for more information on " "failover and server redundancy." msgstr "" "Spécifie la liste d'URI séparée par des virgules des serveurs LDAP auquel " "doit se connecter DSSD par ordre de préférence pour changer le mot de passe " "d'un utilisateur. Reportez-vous à la section de <quote>bascule</quote> pour " "plus d'informations sur le repli et la redondance de serveurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:95 msgid "To enable service discovery ldap_chpass_dns_service_name must be set." msgstr "" "Pour activer la découverte de services, ldap_chpass_dns_service_name doit " "être défini." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:99 msgid "Default: empty, i.e. ldap_uri is used." msgstr "Par défaut : vide, ldap_uri est donc utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:105 msgid "ldap_search_base (string)" msgstr "ldap_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:108 msgid "The default base DN to use for performing LDAP user operations." msgstr "" "Le DN de base par défaut à utiliser pour effectuer les opérations LDAP sur " "les utilisateurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:112 msgid "" "Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " "syntax:" msgstr "" "À partir de SSSD 1.7.0, SSSD prend en charge plusieurs bases de recherche à " "l'aide de la syntaxe :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:116 msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:119 msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." msgstr "La portée peut être l'une des « base », « onelevel » ou « subtree »." #. type: Content of: <listitem><para> #: sssd-ldap.5.xml:122 include/ldap_search_bases.xml:18 msgid "" "The filter must be a valid LDAP search filter as specified by http://www." "ietf.org/rfc/rfc2254.txt" msgstr "" "Le filtre doit être un filtre de recherche LDAP valide tel que spécifié par " "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemples :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:129 msgid "" "ldap_search_base = dc=example,dc=com (which is equivalent to) " "ldap_search_base = dc=example,dc=com?subtree?" msgstr "" "ldap_search_base = dc=example,dc=com (ce qui équivaut à) ldap_search_base = " "dc=example,dc=com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:134 msgid "" "ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" "(host=thishost)?dc=example.com?subtree?" msgstr "" "ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" "(host=thishost)?dc=example.com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:137 msgid "" "Note: It is unsupported to have multiple search bases which reference " "identically-named objects (for example, groups with the same name in two " "different search bases). This will lead to unpredictable behavior on client " "machines." msgstr "" "Remarque : Il est n'est pas possible d'avoir plusieurs bases de recherche " "qui référencent des objets portant le même nom (par exemple, les groupes " "portant le même nom dans deux bases de recherche différents). Cela conduira " "à un comportement imprévisible sur les ordinateurs clients." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:144 msgid "" "Default: If not set, the value of the defaultNamingContext or namingContexts " "attribute from the RootDSE of the LDAP server is used. If " "defaultNamingContext does not exist or has an empty value namingContexts is " "used. The namingContexts attribute must have a single value with the DN of " "the search base of the LDAP server to make this work. Multiple values are " "are not supported." msgstr "" "Par défaut : si non définie, les valeurs des attributs defaultNamingContext " "ou namingContexts du RootDSE du serveur LDAP sont utilisées. Si " "defaultNamingContext n'existe pas ou a une valeur vide, namingContexts est " "utilisé. Les attributs namingContexts doivent avoir une seule valeur avec un " "DN de base de recherche pour le serveur LDAP pour que cela fonctionne. Des " "valeurs multiples ne sont pas permises." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:158 msgid "ldap_schema (string)" msgstr "ldap_schema (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:161 msgid "" "Specifies the Schema Type in use on the target LDAP server. Depending on " "the selected schema, the default attribute names retrieved from the servers " "may vary. The way that some attributes are handled may also differ." msgstr "" "Spécifie le type de schéma utilisé sur le serveur LDAP cible. Selon le " "schéma sélectionné, les noms d'attributs par défaut provenant des serveurs " "peuvent varier. La manière dont certains attributs sont traités peut-être " "également différer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:168 msgid "Four schema types are currently supported:" msgstr "Quatre types de schéma sont actuellement pris en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:172 msgid "rfc2307" msgstr "rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:177 msgid "rfc2307bis" msgstr "rfc2307bis" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:182 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:187 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:193 msgid "" "The main difference between these schema types is how group memberships are " "recorded in the server. With rfc2307, group members are listed by name in " "the <emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, " "group members are listed by DN and stored in the <emphasis>member</emphasis> " "attribute. The AD schema type sets the attributes to correspond with Active " "Directory 2008r2 values." msgstr "" "La principale différence entre ces types de schéma est la façon dont les " "appartenances aux groupes sont enregistrés dans le serveur. Avec rfc2307, " "les membres du groupe sont répertoriées par nom dans l'attribut " "<emphasis>memberUid</emphasis>. Avec rfc2307bis et IPA, les membres du " "groupe sont répertoriés par DN et stockées dans l'attribut de " "<emphasis>member</emphasis>. Le type de schéma AD définit les attributs " "correspondant aux valeurs d'Active Directory 2008r2." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:203 msgid "Default: rfc2307" msgstr "Par défaut : rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Le DN de connexion par défaut à utiliser pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:219 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:222 msgid "The type of the authentication token of the default bind DN." msgstr "" "Le type de jeton d'authentification pour le DN de connexion par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:226 msgid "The two mechanisms currently supported are:" msgstr "Les deux mécanismes actuellement pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:229 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:232 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:235 msgid "Default: password" msgstr "Par défaut : password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:241 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:244 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" "Le jeton d'authentification pour le DN de connexion par défaut. Seuls les " "mots de passe en clair sont actuellement pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:251 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:254 msgid "The object class of a user entry in LDAP." msgstr "La classe d'objet d'une entrée utilisateur dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:257 msgid "Default: posixAccount" msgstr "Par défaut : posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:263 msgid "ldap_user_name (string)" msgstr "ldap_user_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:266 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" "L'attribut LDAP correspondant à l'identifiant de connexion de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:270 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:277 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:280 msgid "The LDAP attribute that corresponds to the user's id." msgstr "L'attribut LDAP correspondant à l'id de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:284 msgid "Default: uidNumber" msgstr "par défaut : uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:290 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:293 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" "L'attribut LDAP correspondant à l'id du groupe primaire de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 msgid "Default: gidNumber" msgstr "Par défaut : gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:303 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:306 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" "quote> provider with ID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:312 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:318 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:321 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "L'attribut LDAP correspondant au champ gecos de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:325 msgid "Default: gecos" msgstr "Par défaut : gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:331 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:334 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" "L'attribut LDAP qui contient le nom du répertoire personnel de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:338 msgid "Default: homeDirectory" msgstr "Par défaut : homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:344 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:347 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "L'attribut LDAP qui contient le chemin vers l'interpréteur de commandes de " "l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:351 msgid "Default: loginShell" msgstr "Par défaut : loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:357 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:360 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" "Par défaut : non défini dans le cas général, objectGUID pour AD et " "ipaUniqueID pour IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:371 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:374 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" "L'attribut LDAP qui contient l'objectSID d'un objet d'utilisateur LDAP. Ceci " "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:386 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" "L'attribut LDAP qui contient l'horodatage de la dernière modification de " "l'objet parent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 msgid "Default: modifyTimestamp" msgstr "Par défaut : modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:399 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:402 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " "the last password change)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (date de changement du dernier mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:412 msgid "Default: shadowLastChange" msgstr "Par défaut : shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:418 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:421 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " "password age)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie<citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (durée de validité minimum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:430 msgid "Default: shadowMin" msgstr "Par défaut : shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:436 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:439 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " "password age)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (âge maximum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:448 msgid "Default: shadowMax" msgstr "Par défaut : shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:454 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:457 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password warning period)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (période d'avertissement du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:467 msgid "Default: shadowWarning" msgstr "Par défaut : shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:473 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:476 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password inactivity period)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (période d'inactivité du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:486 msgid "Default: shadowInactive" msgstr "Par défaut : shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " "<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> counterpart (account expiration date)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow ou " "ldap_account_expire_policy=shadow, ce paramètre contient le nom de " "l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (date d'expiration du compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:505 msgid "Default: shadowExpire" msgstr "Par défaut : shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:511 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " "kerberos." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=mit_kerberos, ce paramètre contient " "le nom de l'attribut LDAP stockant la date et l'heure du dernier changement " "de mot de passe dans kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:520 msgid "Default: krbLastPwdChange" msgstr "Par défaut : krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:526 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:529 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=mit_kerberos, ce paramètre contient " "le nom de l'attribut LDAP stockant la date et l'heure d'expiration du mot de " "passe actuel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:535 msgid "Default: krbPasswordExpiration" msgstr "Par défaut : krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:541 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:544 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=ad, ce paramètre " "contient le nom d'un attribut LDAP stockant la date d'expiration du compte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:549 msgid "Default: accountExpires" msgstr "Par défaut : accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:555 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:558 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=ad, ce paramètre " "contient le nom d'un attribut LDAP stockant le champ de bits de contrôle du " "compte utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:563 msgid "Default: userAccountControl" msgstr "Par défaut : userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:569 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:572 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=rhds ou équivalent, ce " "paramètre détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:577 msgid "Default: nsAccountLock" msgstr "Par défaut : nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:583 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:586 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=nds, cet attribut " "détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 msgid "Default: loginDisabled" msgstr "Par défaut : loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:596 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:599 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=nds, cet attribut " "détermine jusqu'à quand l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:610 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:613 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=nds, cet attribut " "détermine les heures des jours dans la semaine pendant lesquelles l'accès " "est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:618 msgid "Default: loginAllowedTimeMap" msgstr "Par défaut : loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:624 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:627 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" "L'attribut LDAP contenant le nom du principal d'utilisateur (UPN) Kerberos " "de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:631 msgid "Default: krbPrincipalName" msgstr "Par défaut : krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:637 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:640 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" "Liste séparée par des virgules des attributs LDAP que SSSD va demander en " "plus des attributs utilisateur habituels." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:645 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " "LDAP attribute name is specified, the attribute is saved to the cache " "verbatim. Using a custom SSSD attribute name might be required by " "environments that configure several SSSD domains with different LDAP schemas." msgstr "" "La liste ne peut contenir que des noms d'attributs LDAP, ou des tuples " "séparés par des virgules de nom d'attribut de cache et nom d'attribut LDAP. " "Dans le cas où seul le nom d'un attribut LDAP est indiqué, l'attribut est " "enregistré tel quel dans le cache. L'utilisation d'un nom d'attribut SSSD " "peut être nécessaire pour les environnements configurant plusieurs domaines " "SSSD utilisant des schémas LDAP différents." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:655 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " "reserved attribute names is used as an extra attribute name." msgstr "" "Veuillez noter que plusieurs noms d'attributs sont réservés par SSSD, dont " "l'attribut <quote>name</quote>. SSSD émettrait une erreur si l'un des noms " "d'attributs réservés est utilisé par un nom d'attribut supplémentaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:665 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:668 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" "Enregistrer l'attribut LDAP <quote>telephoneNumber</quote> en tant que " "<quote>telephoneNumber</quote> dans le cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:672 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:675 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" "Enregistrer l'attribut LDAP <quote>telephoneNumber</quote> en tant que " "<quote>phone</quote> dans le cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:685 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:688 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:692 msgid "Default: sshPublicKey" msgstr "Par défaut : sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:698 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:701 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " "fail. Set this option to a non-zero value if you want to use an upper-case " "realm." msgstr "" "Certains serveurs d'annuaire, comme par exemple Active Directory, peuvent " "délivrer la partie domaine de l'UPN en minuscules, ce qui peut faire échouer " "l'authentification. Définir cette option à une valeur non nulle pour " "utiliser un nom de domaine en majuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:714 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:717 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" "Spécifie la durée en secondes pendant laquelle SSSD doit attendre avant " "d'actualiser son cache d\"énumération d'enregistrements." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:728 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:731 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " "space." msgstr "" "Détermine la fréquence de vérification de la présence d'entrées inactives " "dans le cache (telles que groupes sans membres et utilisateurs ne s'étant " "jamais connectés) et de suppression pour économiser de l'espace." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:737 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " "to detect entries removed from the server and can't be disabled. By default, " "the cleanup task will run every 3 hours with enumeration enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:752 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:755 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 #: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 msgid "Default: cn" msgstr "Par défaut : cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:765 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:768 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" "L'attribut LDAP énumérant les groupes auquel appartient un utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:772 msgid "Default: memberOf" msgstr "Par défaut : memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:778 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:781 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " "to determine access privilege." msgstr "" "Lorsque access_provider=ldap et ldap_access_order=authorized_service, SSSD " "utilise la présence de l'attribut authorizedService dans l'entrée LDAP de " "l'utilisateur pour déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:788 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" "Le refus explicite (!svc) est résolu en premier. Ensuite, SSSD cherche une " "autorisation explicite (svc) et enfin allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:793 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " "ldap_user_authorized_service option to work." msgstr "" "Noter que l'option de configuration ldap_access_order <emphasis>doit</" "emphasis> inclure <quote>authorized_service</quote> de façon à permettre à " "l'option ldap_user_authorized_service de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:800 msgid "Default: authorizedService" msgstr "Par défaut : authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:806 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:809 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " "privilege." msgstr "" "Si access_provider=ldap et ldap_access_order=host, SSSD va utiliser la " "présence de l'attribut host dans l'entrée LDAP de l'utilisateur pour " "déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:815 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" "Le refus explicite (!host) est résolu en premier. SSSD recherche ensuite les " "autorisations explicites (host) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:820 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " "ldap_user_authorized_host option to work." msgstr "" "Noter que l'option de configuration ldap_access_order <emphasis>doit</" "emphasis> inclure <quote>host</quote> de façon à permettre à l'option " "ldap_user_authorized_host de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:827 msgid "Default: host" msgstr "Par défaut : host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:833 #, fuzzy #| msgid "ldap_user_authorized_host (string)" msgid "ldap_user_authorized_rhost (string)" msgstr "ldap_user_authorized_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:836 #, fuzzy #| msgid "" #| "If access_provider=ldap and ldap_access_order=host, SSSD will use the " #| "presence of the host attribute in the user's LDAP entry to determine " #| "access privilege." msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " "privilege. Similarly to host verification process." msgstr "" "Si access_provider=ldap et ldap_access_order=host, SSSD va utiliser la " "présence de l'attribut host dans l'entrée LDAP de l'utilisateur pour " "déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:843 #, fuzzy #| msgid "" #| "An explicit deny (!host) is resolved first. Second, SSSD searches for " #| "explicit allow (host) and finally for allow_all (*)." msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" "Le refus explicite (!host) est résolu en premier. SSSD recherche ensuite les " "autorisations explicites (host) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:848 #, fuzzy #| msgid "" #| "Please note that the ldap_access_order configuration option " #| "<emphasis>must</emphasis> include <quote>host</quote> in order for the " #| "ldap_user_authorized_host option to work." msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " "ldap_user_authorized_rhost option to work." msgstr "" "Noter que l'option de configuration ldap_access_order <emphasis>doit</" "emphasis> inclure <quote>host</quote> de façon à permettre à l'option " "ldap_user_authorized_host de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 #, fuzzy #| msgid "Default: host" msgid "Default: rhost" msgstr "Par défaut : host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:861 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:864 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:868 #, fuzzy #| msgid "Default: filter" msgid "Default: userCertificate;binary" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:874 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:877 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:887 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:890 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objet d'une entrée de groupe dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:893 msgid "Default: posixGroup" msgstr "Par défaut : posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:899 msgid "ldap_group_name (string)" msgstr "ldap_group_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:902 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'attribut LDAP correspondant au nom du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:906 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:913 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:916 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'attribut LDAP correspondant à l'identifiant de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:926 msgid "ldap_group_member (string)" msgstr "ldap_group_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:929 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'attribut LDAP contenant les noms des membres du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:933 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Par défaut : memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:939 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:942 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:953 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:956 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" "L'attribut LDAP qui contient l'objectSID d'un objet de groupe LDAP. Ceci " "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:968 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:981 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:984 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" "L'attribut LDAP qui contient une valeur entière indiquant le type de groupe " "voire d'autres indicateurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:989 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " "domains." msgstr "" "Cet attribut est actuellement utilisé uniquement par le fournisseur AD pour " "déterminer si un groupe est un groupe de domaine local et doit être filtré " "hors des domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:995 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1002 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1005 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1011 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1018 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1021 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" "Si ldap_schema est défini comme un format prenant en charge les groupes " "imbriqués (par exemple RFC2307bis), alors cette option contrôle le nombre de " "niveaux d'imbrication que SSSD suivra. Cette option n'a pas d'effet sur le " "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1028 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " "<emphasis>may be</emphasis> returned if previous lookups already resolved " "the deeper nesting levels. Also, subsequent lookups for other groups may " "enlarge the result set for original lookup if re-queried." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1037 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " "using <quote>id_provider=ad</quote> it is furthermore required to disable " "usage of Token-Groups by setting ldap_use_tokengroups to false in order to " "restrict group nesting." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1046 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1052 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1055 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " "complex or deep nested groups." msgstr "" "Cette option indique à SSSD de tirer parti d'une fonctionnalité Active " "Directory spécifique qui peut accélérer les opérations de recherche de " "groupe sur les déploiements utilisant des groupes profondément imbriqués et " "complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1061 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" "Dans la plupart des cas, il est préférable de laisser cette option " "désactivée. Elle ne fournit une augmentation des performances que sur les " "imbrications très complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " "\"auto-detect\"." msgstr "" "Si cette option est activée, SSSD l'utilisera s'il détecte que le serveur la " "prend en charge au cours de la connexion initiale. Ainsi, « true » signifie " "essentiellement « auto-detect »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" "windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> " "for more details." msgstr "" "Remarque : Cette fonctionnalité fonctionne uniquement avec Active Directory " "2008 R1 et versions suivantes. Consulter <ulink url=\"http://msdn.microsoft." "com/en-us/library/windows/desktop/aa746475%28v=vs.85%29.aspx\">la " "documentation de MSDN(TM)</ulink> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1084 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1087 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " "dealing with complex or deep nested groups)." msgstr "" "Cette option indique à SSSD de tirer parti d'une fonctionnalité Active " "Directory spécifique qui peut accélérer les opérations initgroups (le plus " "souvent lors de l'utilisation de groupes profondément imbriqués ou " "complexes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1114 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" "Cette option active ou désactive l'utilisation de l'attribut Token-Groups " "lors de l'initialisation des groupes pour les utilisateurs Active Directory " "2008 et versions ultérieures." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1119 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1125 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1128 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objet d'une entrée de netgroup dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1131 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la " "place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1135 msgid "Default: nisNetgroup" msgstr "Par défaut : nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1141 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1144 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'attribut LDAP correspondant au nom du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1148 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_name doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1158 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1161 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'attribut LDAP contenant les noms des membres du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1165 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_member doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1169 msgid "Default: memberNisNetgroup" msgstr "Par défaut : memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1175 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1178 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "L'attribut LDAP contenant les triplets (hôte, utilisateur, domaine) d'un " "netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 msgid "This option is not available in IPA provider." msgstr "Cette option n'est pas disponible dans le fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1185 msgid "Default: nisNetgroupTriple" msgstr "Par défaut : nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1191 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1207 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1210 msgid "The object class of a service entry in LDAP." msgstr "La classe d'objet d'une entrée de service LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1213 msgid "Default: ipService" msgstr "Par défaut : ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1219 msgid "ldap_service_name (string)" msgstr "ldap_service_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1222 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" "L'attribut LDAP qui contient le nom des attributs de service et de leurs " "alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1232 msgid "ldap_service_port (string)" msgstr "ldap_service_port (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1235 msgid "The LDAP attribute that contains the port managed by this service." msgstr "L'attribut LDAP qui contient le port géré par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1239 msgid "Default: ipServicePort" msgstr "Par défaut : ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1245 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1248 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "L'attribut LDAP qui contient les protocoles compris par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1252 msgid "Default: ipServiceProtocol" msgstr "Par défaut : ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1258 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1263 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1266 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " "is entered)" msgstr "" "Définit le délai d'attente (en secondes) autorisé pour les recherches LDAP " "avant annulation et utilisation des résultats contenus dans le cache (et " "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1272 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " "lookup types." msgstr "" "Note : cette option est susceptible de changer dans les prochaines version " "de SSSD. Elle sera sûrement remplacée par une série de délais d'attente pour " "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1284 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1287 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " "are returned (and offline mode is entered)" msgstr "" "Définit le délai d'attente (en secondes) autorisé pour les recherches LDAP " "sur les utilisateurs et groupes avant annulation et utilisation des " "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1300 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1303 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" "<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" "manvolnum> </citerefentry> following a <citerefentry> " "<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" "citerefentry> returns in case of no activity." msgstr "" "Définit le délai d'attente (en secondes) après lequel les fonctions " "<citerefentry> <refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " "</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> " "<manvolnum>2</manvolnum> </citerefentry> suivant un <citerefentry> " "<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1326 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1329 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " "communicating with the KDC in case of SASL bind, the timeout of an LDAP bind " "operation, password change extended operation and the StartTLS operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1344 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1347 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " "in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " "the TGT lifetime) will be used." msgstr "" "Spécifie un délai d'attente (en secondes) pendant laquelle une connexion à " "un serveur LDAP est maintenue. Passé ce délai, la connexion devra être " "rétablie. Si ce paramètre est utilisé en parallèle avec SASL/GSSAPI, la plus " "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1361 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1364 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" "Définit le nombre d'enregistrements à récupérer lors d'une requête LDAP. " "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1369 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1375 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1378 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " "it is not enabled or does not behave properly." msgstr "" "Désactiver le contrôle de pagination LDAP. Cette option doit être utilisée " "si le serveur LDAP signale qu'il prend en charge le contrôle de pagination " "LDAP de l'objet RootDSE, mais qu'il n'est pas activé ou ne se comporte pas " "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1384 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" "Exemple : le serveurs OpenLDAP avec le module de contrôle de pagination " "installé sur le serveur mais non activé le signaleront dans RootDSE mais il " "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1390 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " "requests being denied." msgstr "" "Exemple : 389 DS a un bogue où il ne peut que soutenir qu'un seul contrôle " "de pagination à la fois sur une connexion donnée. Sur les clients chargés, " "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1402 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1405 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1408 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " "group contains more members, the reply would include an AD-specific range " "extension. This option disables parsing of the range extension, therefore " "large groups will appear as having no members." msgstr "" "Active Directory limite le nombre de membres à récupérer par recherche à " "l'aide de la stratégie MaxValRange (qui prend la valeur par défaut de 1500 " "membres). Si un groupe contient plus de membres, la réponse inclura une " "extension de plage spécifique à Active Directory. Cette option désactive " "l'analyse de cette extension de plage, les groupes de grande taille " "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1423 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1426 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " "option are defined by OpenLDAP." msgstr "" "Lors de la communication avec un serveur LDAP en utilisant SASL, spécifie le " "niveau de sécurité minimal nécessaire pour établir la connexion. Les valeurs " "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1432 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1439 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1442 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " "they are looked up individually." msgstr "" "Définit le nombre de membres du groupe qui doivent manquer au sein du cache " "interne afin de déclencher une recherche de déréférencement. Si le nombre de " "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1448 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" "Vous pouvez désactiver complètement les recherches de déréférencement en " "affectant la valeur 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1452 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " "methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " "Directory." msgstr "" "Une recherche de déréférencement est un moyen pour récupérer tous les " "membres d'un groupe avec un seul appel LDAP. Plusieurs serveurs LDAP peuvent " "avoir différentes méthodes de déréférencement. Les serveurs actuellement " "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1460 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " "regardless of this setting." msgstr "" "<emphasis>Remarque :</emphasis> Si l'une des bases de recherche spécifie un " "filtre de recherche, alors l'amélioration de la performance de recherche de " "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1473 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1476 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" "Définit les vérifications à effectuer sur les certificats serveur sur une " "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1482 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" "<emphasis>never</emphasis> : le client ne demandera ni ne vérifiera un " "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1486 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, it will be ignored and the session proceeds normally." msgstr "" "<emphasis>allow</emphasis> : le certificat serveur est demandé. Si aucun " "certificat n'est fournit, la session continue normalement. Si un mauvais " "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1493 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, the session is immediately terminated." msgstr "" "<emphasis>try</emphasis> : le certificat serveur est demandé. Si aucun " "certificat n'est fourni, la session continue normalement. Si un mauvais " "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1499 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " "immediately terminated." msgstr "" "<emphasis>demand</emphasis> : le certificat serveur est demandé. Si aucun " "certificat ou un mauvais certificat est fourni, la session se termine " "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1505 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1509 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1515 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1518 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" "Définit le fichier qui contient les certificats pour toutes les autorités de " "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" "Par défaut : utilise les paramètres par défaut de OpenLDAP, en général dans " "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1530 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1533 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " "be the hash of the certificate followed by '.0'. If available, " "<command>cacertdir_rehash</command> can be used to create the correct names." msgstr "" "Spécifie le chemin d'un dossier qui contient les certificats de l'autorité " "de certificats dans des fichiers séparés. Usuellement, les noms de fichiers " "sont la somme de contrôle du certificat suivi de « .0 ». Si disponible, " "<command>cacertdir_rehash</command> peut être utilisé pour créer les noms " "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1548 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1551 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1561 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1564 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1573 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1576 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> for format." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1589 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1592 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" "Définit le fait que le fournisseur d'identité de connexion doit aussi " "utiliser <systemitem class=\"protocol\">tls</systemitem> pour protéger le " "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1602 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1605 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " "on ldap_user_uid_number and ldap_group_gid_number." msgstr "" "Indique que SSSD doit tenter de trouver les correspondances des ID " "d'utilisateur et de groupe dans les attributs ldap_user_objectsid et " "ldap_group_objectsid au lieu d'utiliser ldap_user_uid_number et " "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1611 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1621 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1624 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " "ldap_group_gid_number is unbound. In a setup with sub/trusted-domains this " "might lead to ID collisions. To avoid collisions ldap_min_id and ldap_max_id " "can be set to restrict the allowed range for the IDs which are read directly " "from the server. Sub-domains can then pick other ranges to map IDs." msgstr "" "Au contraire de la mise en correspondance d'identifiants s'appuyant sur les " "SID utilisée si ldap_id_mapping est positionné à true, les plages " "d'identifiants autorisés pour ldap_user_uid_number et ldap_group_gid_number " "n'ont pas de limite. Dans une configuration avec des sous-domaines ou des " "domaines approuvés, cela peut engendrer des collisions. Pour les éviter, " "ldap_min_id et ldap_max_id peuvent être configurés afin de restreindre les " "plages d'identifiants autorisées lues directement depuis le serveur. Les " "sous-domaines peuvent ensuite choisir d'autres plages pour leurs propres " "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1636 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1642 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1645 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" "Définit le mécanisme SASL à utiliser. Actuellement, seul GSSAPI est testé et " "pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1655 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1658 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " "This option can either contain the full principal (for example host/" "myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" "Définit l'identité à utiliser pour l'autorisation SASL. Lorsque GSSAPI est " "utilisé, c'est l'identifiant Kerberos principal utilisé pour s'authentifier " "à l'annuaire. Cette option peut soit contenir le principal complet (par " "exemple host/myhost@EXAMPLE.COM), soit juste le nom du principal (par " "exemple host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1666 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1672 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1675 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " "well, this option is ignored." msgstr "" "Spécifie le domaine SASL à utiliser. Si non spécifié, cette option prend par " "défaut la valeur de krb5_realm. Si le ldap_sasl_authid contient aussi le " "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1681 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1687 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1690 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" "Si true, la bibliothèque LDAP effectue une recherche inversée pour canoniser " "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1695 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1701 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1704 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1707 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1713 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1716 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " "GSSAPI." msgstr "" "Définit le fait que le fournisseur d'identité doit initialiser les données " "d'identification Kerberos (TGT). Cette action est effectuée seulement si " "SASL est utilisé et que le mécanisme choisi est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1728 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1731 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1744 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " "For more information on failover and server redundancy, see the " "<quote>FAILOVER</quote> section. An optional port number (preceded by a " "colon) may be appended to the addresses or hostnames. If empty, service " "discovery is enabled - for more information, refer to the <quote>SERVICE " "DISCOVERY</quote> section." msgstr "" "Spécifie par ordre de préférence la liste séparée par des virgules des " "adresses IP ou des noms de systèmes des serveurs Kerberos auquel SSSD doit " "se connecter. Pour plus d'informations sur la redondance de bascule et la " "redondance de serveur, consulter la section <quote>BASCULE</quote>. Un " "numéro de port facultatif (précédé de deux-points) peut être ajouté aux " "adresses ou aux noms de systèmes. Si vide, la découverte de services est " "activée - pour plus d'informations, se reporter à la section de " "<quote>DÉCOUVERTE DE SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " "none are found." msgstr "" "Lors de l'utilisation de découverte de services pour le KDC ou les serveurs " "kpasswd, SSSD recherche en premier les entrées DNS qui définissent _udp " "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " "migrate their config files to use <quote>krb5_server</quote> instead." msgstr "" "Cette option s'appelait <quote>krb5_kdcip</quote> dans les versions " "précédentes de SSSD. Bien que ce nom soit toujours reconnu à l'heure " "actuelle, il est conseillé de migrer les fichiers de configuration vers " "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1773 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1776 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1785 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" "Spécifie si le principal de l'hôte doit être rendu canonique lors de la " "connexion au serveur LDAP. Cette fonctionnalité est disponible avec MIT " "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " "to configure the Kerberos library using the <citerefentry> " "<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> configuration file." msgstr "" "Indique si SSSD doit préciser aux bibliothèques Kerberos quels domaine et " "KDC utiliser. Cette option est activée par défaut, si elle est désactivée, " "la bibliothèque Kerberos doit être configurée à l'aide du fichier de " "configuration <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " "information on the locator plugin." msgstr "" "Consulter la page de manuel de <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry> pour plus d'informations sur le greffon de " "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1825 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1828 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" "Détermine la politique d'expiration des mots de passe côté client. Les " "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1833 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" "<emphasis>none</emphasis> : aucun évaluation du côté client. Cette option ne " "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1838 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " "evaluate if the password has expired." msgstr "" "<emphasis>shadow</emphasis> - Utiliser les attributs de style " "<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1844 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" "<emphasis>mit_kerberos</emphasis> : utilise les attributs utilisés par MIT " "Kerberos pour déterminer si le mot de passe a expiré. Utiliser " "chpass_provider=krb5 afin de modifier ces attributs lorsque le mot de passe " "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1853 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" "<emphasis>Note</emphasis> : si une politique de mots de passe est configurée " "côté serveur, elle prend le pas sur la politique indiquée avec cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1861 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1864 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1868 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" "Veuillez noter que sssd ne supporte que le déréférencement que lorsqu'il est " "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1873 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " "does not in fact require the use of referrals, setting this option to false " "might bring a noticeable performance improvement." msgstr "" "La déréférenciation de références peut subir une altération notable des " "performances dans les environnements qui les utilisent fortement, un exemple " "notable étant Microsoft Active Directory. Si votre installation ne nécessite " "pas l'utilisation des références, affecter false à cette option devrait " "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1887 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1890 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1894 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1900 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1903 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser pour trouver un serveur LDAP autorisant " "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1908 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1914 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1917 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" "Spécifie s'il faut mettre à jour l'attribut ldap_user_shadow_last_change " "avec le nombre de jours depuis Epoch après l'opération de changement de mot " "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1929 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1932 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " "must be met for the user to be granted access on this host. If " "access_provider = ldap, ldap_access_order = filter and this option is not " "set, it will result in all users being denied access. Use access_provider = " "permit to change this default behavior. Please note that this filter is " "applied on the LDAP user entry only and thus filtering based on nested " "groups may not work (e.g. memberOf attribute on AD entries points only to " "direct parents). If filtering based on nested groups is required, please see " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1952 msgid "Example:" msgstr "Exemple :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #: sssd-ldap.5.xml:1955 #, no-wrap msgid "" "access_provider = ldap\n" "ldap_access_filter = (employeeType=admin)\n" " " msgstr "" "access_provider = ldap\n" "ldap_access_filter = (employeeType=admin)\n" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1959 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" "Cet exemple signifie que l'accès à cet hôte est restreint aux utilisateurs " "dont l'attribut employeeType est « admin »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1964 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " "access during their last login, they will continue to be granted access " "while offline and vice versa." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1978 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1981 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" "Avec cette option une évaluation du côté client des contrôles d'accès peut " "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1985 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " "even if the password is correct." msgstr "" "Veuillez noter qu'il est toujours recommandé d'utiliser un contrôle d'accès " "du côté serveur, c'est-à-dire que le serveur LDAP doit refuser une requête " "de connexion avec un code erreur approprié même si le mot de passe est " "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1992 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1995 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" "<emphasis>shadow</emphasis> : utiliser la valeur de ldap_user_shadow_expire " "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2000 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " "set. If the attribute is missing access is granted. Also the expiration time " "of the account is checked." msgstr "" "<emphasis>ad</emphasis> : utilise la valeur du champ 32 bits " "ldap_user_ad_user_account_control et autorise l'accès si le deuxième bit " "n'est pas défini. Si l'attribut est manquant, l'accès est autorisé. La date " "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2007 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " "allowed or not." msgstr "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis> : utilise la valeur de ldap_ns_account_lock afin de vérifier si " "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2013 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " "ldap_user_nds_login_expiration_time are used to check if access is allowed. " "If both attributes are missing access is granted." msgstr "" "<emphasis>nds</emphasis> : les valeurs de " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled et " "ldap_user_nds_login_expiration_time sont utilisées pour vérifier si l'accès " "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2022 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " "ldap_account_expire_policy option to work." msgstr "" "Noter que l'option de configuration ldap_access_order <emphasis>doit</" "emphasis> inclure <quote>expire</quote> de façon à permettre à l'option " "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2035 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2038 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2042 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2045 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " "and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn. " "Please note that 'access_provider = ldap' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2055 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2062 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " "and has value of '000001010000Z' or represents any time in the past. The " "value of the 'pwdAccountLockedTime' attribute must end with 'Z', which " "denotes the UTC time zone. Other time zones are not currently supported and " "will result in \"access-denied\" when users attempt to log in. Please see " "the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' " "must be set for this feature to work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2079 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2083 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " "interested in being warned that password is about to expire and " "authentication is based on using a different method than passwords - for " "example SSH keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2093 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " "pwd_expire_policy_warn - user is still able to log in, " "pwd_expire_policy_renew - user is prompted to change his password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2101 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2105 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2110 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" "<emphasis>authorized_service</emphasis> : utiliser l'attribut " "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2115 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2119 #, fuzzy #| msgid "" #| "<emphasis>host</emphasis>: use the host attribute to determine access" msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2123 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2128 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2131 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" "Veuillez noter qu'une valeur utilisée plusieurs fois résulte en une erreur " "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2138 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2141 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " "lockout checking will yield access denied as ppolicy attributes on LDAP " "server cannot be checked properly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2149 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple : cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2152 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2158 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2161 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" "Définit comment le déréférencement de l'alias est effectué lors d'une " "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2166 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2170 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" "<emphasis>searching</emphasis> : Les alias sont déréférencés comme des " "subordonnés de l'objet de base, mais pas en localisant l'objet de base de la " "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2175 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" "<emphasis>finding</emphasis> : les alias sont seulement déréférencés lors de " "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2180 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" "<emphasis>always</emphasis> : les alias sont déréférencés à la fois pour la " "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2185 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" "Par défaut : vide (ceci est traité comme <emphasis>never</emphasis> par les " "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2193 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2196 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" "Permet de conserver les utilisateurs locaux en tant que membres d'un groupe " "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2200 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " "The self-consistency of the domain is compromised when this is done, so SSSD " "would normally remove the \"missing\" users from the cached group " "memberships as soon as nsswitch tries to fetch information about the user " "via getpw*() or initgroups() calls." msgstr "" "Dans certains environnements où le schéma RFC2307 est utilisé, les " "utilisateurs locaux deviennent membres du groupes LDAP en ajoutant leurs " "noms à l'attribut memberUid. La cohérence du domaine est compromise quand " "cela est fait, SSSD supprimerait normalement les utilisateurs « disparus » " "des appartenances aux groupes mises en cache dès que nsswitch essaie de " "récupérer des informations sur l'utilisateur via des appels à getpw*() ou " "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2211 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " "additional LDAP groups." msgstr "" "Cette option vérifie en dernier recours si les utilisateurs locaux sont " "référencés et les met en cache afin que des appels ultérieurs à initgoups() " "ajoutent les utilisateurs locaux aux groupes LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2226 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2230 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2234 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " "of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for full details. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" "Toutes les options de configuration communes appliquées aux domaines SSSD " "s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS DE " "DOMAINE</quote> dans la page de manuel <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2244 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2246 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2257 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2260 msgid "The object class of a sudo rule entry in LDAP." msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2263 msgid "Default: sudoRole" msgstr "Par défaut : sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2269 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2272 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2282 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2285 msgid "The LDAP attribute that corresponds to the command name." msgstr "L'attribut LDAP qui correspond au nom de la commande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2289 msgid "Default: sudoCommand" msgstr "Par défaut : sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2295 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2298 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" "L'attribut LDAP qui correspond au nom d'hôte (ou adresse IP de l'hôte, " "réseau IP de l'hôte ou netgroup de l'hôte)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2303 msgid "Default: sudoHost" msgstr "Par défaut : sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2309 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2312 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" "L'attribut LDAP qui correspond au nom d'utilisateur (ou UID, le nom du " "groupe ou netgroup de l'utilisateur)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2316 msgid "Default: sudoUser" msgstr "Par défaut : sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2322 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2325 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "L'attribut LDAP qui correspond aux options sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2329 msgid "Default: sudoOption" msgstr "Par défaut : sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2335 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2338 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" "L'attribut LDAP qui correspond aux commandes peuvent être exécutées sous le " "nom d'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2342 msgid "Default: sudoRunAsUser" msgstr "Par défaut : sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2348 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2351 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" "L'attribut LDAP qui correspond au nom du groupe ou GID du groupe sous lequel " "les commandes seront être exécutées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2355 msgid "Default: sudoRunAsGroup" msgstr "Par défaut : sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2361 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2364 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" "L'attribut LDAP qui correspond à la date/heure de début pour laquelle la " "règle sudo est valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2368 msgid "Default: sudoNotBefore" msgstr "Par défaut : sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2374 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2377 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" "L'attribut LDAP qui correspond à la date/heure d'expiration, après quoi la " "règle sudo ne sera plus valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2382 msgid "Default: sudoNotAfter" msgstr "Par défaut : sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2388 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2391 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2395 msgid "Default: sudoOrder" msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2401 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2404 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" "La durée en secondes pendant laquelle SSSD va attendre entre deux " "actualisations complètes des règles de sudo (qui téléchargent toutes les " "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2409 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" "La valeur doit être supérieure à <emphasis>ldap_sudo_smart_refresh_interval</" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2414 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2420 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2423 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " "of cached rules)." msgstr "" "La durée en secondes pendant laquelle SSSD doit attendre avant d'exécuter " "une actualisation intelligente des règles sudo (qui télécharge toutes les " "règles qui ont un USN supérieur à l'USN le plus élevé des règles mises en " "cache)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2429 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" "Si les attributs USN ne sont pas pris en charge par le serveur, l'attribut " "modifyTimestamp est utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2439 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2442 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" "Si true, SSSD téléchargera les seules règles qui s'appliquent à cette " "machine (à l'aide de l'adresse de système ou de réseau IPv4 ou IPv6 et des " "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2453 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2456 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" "Liste séparés par des espaces des noms de systèmes ou de domaines qui " "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2461 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" "Si cette option est vide, SSSD va essayer de découvrir automatiquement le " "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 #: sssd-ldap.5.xml:2525 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" "Si <emphasis>ldap_sudo_use_host_filter</emphasis> est <emphasis>false</" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2477 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2480 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" "Liste séparés par des espaces d'adresses de système ou de réseaux IPv4 ou " "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2485 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" "Si cette option est vide, SSSD va essayer de découvrir les adresses " "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2500 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2503 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" "Si elle est vraie alors SSSD téléchargera toutes les règles qui contient un " "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2518 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2521 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" "Si positionnée à true, SSSD téléchargera toutes les règles qui contiennent " "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2537 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" "Cette page de manuel décrit uniquement le mappage de noms d'attribut. Pour " "une explication détaillée des sémantiques d'attributs relatives à sudo, cf. " "<citerefentry><refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2547 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2549 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2555 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2558 msgid "The name of the automount master map in LDAP." msgstr "Le nom de la table de montage automatique maîtresse dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2561 msgid "Default: auto.master" msgstr "Par défaut : auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2568 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2571 msgid "The object class of an automount map entry in LDAP." msgstr "" "La classe d'objet d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2574 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2582 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2585 msgid "The name of an automount map entry in LDAP." msgstr "Le nom d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2588 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2596 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2599 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2604 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2612 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" "La clé d'une entrée de montage automatique dans LDAP. L'entrée correspond " "généralement à un point de montage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2619 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2627 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2634 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2553 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2645 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2652 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2657 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2662 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> #: sssd-ldap.5.xml:2667 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> #: sssd-ldap.5.xml:2669 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " "memberships, even with no GID mapping. It is recommended to disable this " "feature, if group names are not being displayed correctly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> #: sssd-ldap.5.xml:2676 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2678 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2683 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2647 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " "are doing. <placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 #: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2700 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " "section." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et que LDAP " "pointe sur un des domaines de la section <replaceable>[domains]</" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ldap.5.xml:2706 #, no-wrap msgid "" "[domain/LDAP]\n" "id_provider = ldap\n" "auth_provider = ldap\n" "ldap_uri = ldap://ldap.mydomain.org\n" "ldap_search_base = dc=mydomain,dc=org\n" "ldap_tls_reqcert = demand\n" "cache_credentials = true\n" msgstr "" "[domain/LDAP]\n" "id_provider = ldap\n" "auth_provider = ldap\n" "ldap_uri = ldap://ldap.mydomain.org\n" "ldap_search_base = dc=mydomain,dc=org\n" "ldap_tls_reqcert = demand\n" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> #: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 #: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2717 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2719 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ldap.5.xml:2724 #, no-wrap msgid "" "[domain/LDAP]\n" "id_provider = ldap\n" "auth_provider = ldap\n" "access_provider = ldap\n" "ldap_access_order = lockout\n" "ldap_pwdlockout_dn = cn=ppolicy,ou=policies,dc=mydomain,dc=org\n" "ldap_uri = ldap://ldap.mydomain.org\n" "ldap_search_base = dc=mydomain,dc=org\n" "ldap_tls_reqcert = demand\n" "cache_credentials = true\n" msgstr "" "[domain/LDAP]\n" "id_provider = ldap\n" "auth_provider = ldap\n" "access_provider = ldap\n" "ldap_access_order = lockout\n" "ldap_pwdlockout_dn = cn=ppolicy,ou=policies,dc=mydomain,dc=org\n" "ldap_uri = ldap://ldap.mydomain.org\n" "ldap_search_base = dc=mydomain,dc=org\n" "ldap_tls_reqcert = demand\n" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 #: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2741 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " "distribution." msgstr "" "Les descriptions de quelques unes des options de configuration des pages de " "manuel sont basées sur le manuel de <citerefentry> <refentrytitle>ldap.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> de la distribution " "de OpenLDAP 2.4." #. type: Content of: <reference><refentry><refnamediv><refname> #: pam_sss.8.xml:11 pam_sss.8.xml:16 msgid "pam_sss" msgstr "pam_sss" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: pam_sss.8.xml:17 msgid "PAM module for SSSD" msgstr "Module PAM pour SSSD" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: pam_sss.8.xml:22 msgid "" "<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" "replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" "replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" "replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" "replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" "arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> </" "arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </" "arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg> <arg " "choice='opt'> <replaceable>allow_missing_name</replaceable> </arg> <arg " "choice='opt'> <replaceable>prompt_always</replaceable> </arg>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:58 msgid "" "<command>pam_sss.so</command> is the PAM interface to the System Security " "Services daemon (SSSD). Errors and results are logged through " "<command>syslog(3)</command> with the LOG_AUTHPRIV facility." msgstr "" "<command>pam_sss.so</command> est l'interface PAM pour le démon des services " "de sécurité système (SSSD). Les erreurs et résultats sont journalisés par " "<command>syslog(3)</command> avec l'argument LOG_AUTHPRIV." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:68 msgid "<option>quiet</option>" msgstr "<option>quiet</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:71 msgid "Suppress log messages for unknown users." msgstr "Supprimer les messages de journal pour les utilisateurs inconnus." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:76 msgid "<option>forward_pass</option>" msgstr "<option>forward_pass</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:79 msgid "" "If <option>forward_pass</option> is set the entered password is put on the " "stack for other PAM modules to use." msgstr "" "Si <option>forward_pass</option> est défini, le mot de passe saisi est " "inséré en mémoire pour les autres modules PAM utilisés." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:86 msgid "<option>use_first_pass</option>" msgstr "<option>use_first_pass</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:89 msgid "" "The argument use_first_pass forces the module to use a previous stacked " "modules password and will never prompt the user - if no password is " "available or the password is not appropriate, the user will be denied access." msgstr "" "L'argument use_first_pass force le module à utliser un module de mot de " "passe déjà en mémoire et n'en fera jamais la demande à l'utilisateur. Si " "aucun mot de passe n'est disponible ou que celui-ci n'est pas approprié, " "l'utilisateur verra son accès refusé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:97 msgid "<option>use_authtok</option>" msgstr "<option>use_authtok</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:100 msgid "" "When password changing enforce the module to set the new password to the one " "provided by a previously stacked password module." msgstr "" "Lorsque le changement de mot de passe force le module à modifier le mot de " "passe par celui fourni par un module de mot de passe déjà chargé en mémoire." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:107 msgid "<option>retry=N</option>" msgstr "<option>retry=N</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:110 msgid "" "If specified the user is asked another N times for a password if " "authentication fails. Default is 0." msgstr "" "Si définit, on demande le mot de passe à l'utilisateur encore N fois si " "l'authentification échoue. Par défaut : 0." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:112 msgid "" "Please note that this option might not work as expected if the application " "calling PAM handles the user dialog on its own. A typical example is " "<command>sshd</command> with <option>PasswordAuthentication</option>." msgstr "" "Veuillez noter que cette option peut ne pas fonctionner comme attendu si " "l'application qui appelle PAM gère lui-même les dialogues avec " "l'utilisateur. Un exemple typique est <command>sshd</command> avec " "<option>PasswordAuthentication</option>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:121 msgid "<option>ignore_unknown_user</option>" msgstr "<option>ignore_unknown_user</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:124 msgid "" "If this option is specified and the user does not exist, the PAM module will " "return PAM_IGNORE. This causes the PAM framework to ignore this module." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:131 msgid "<option>ignore_authinfo_unavail</option>" msgstr "<option>ignore_authinfo_unavail</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:135 msgid "" "Specifies that the PAM module should return PAM_IGNORE if it cannot contact " "the SSSD daemon. This causes the PAM framework to ignore this module." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:142 msgid "<option>domains</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:146 msgid "" "Allows the administrator to restrict the domains a particular PAM service is " "allowed to authenticate against. The format is a comma-separated list of " "SSSD domain names, as specified in the sssd.conf file." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:152 msgid "" "NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> " "and <quote>pam_public_domains</quote> options. Please see the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for more information on these two PAM " "responder options." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:166 msgid "<option>allow_missing_name</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:170 msgid "" "The main purpose of this option is to let SSSD determine the user name based " "on additional information, e.g. the certificate from a Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: pam_sss.8.xml:180 #, no-wrap msgid "" "auth sufficient pam_sss.so allow_missing_name\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:175 msgid "" "The current use case are login managers which can monitor a Smartcard reader " "for card events. In case a Smartcard is inserted the login manager will call " "a PAM stack which includes a line like <placeholder type=\"programlisting\" " "id=\"0\"/> In this case SSSD will try to determine the user name based on " "the content of the Smartcard, returns it to pam_sss which will finally put " "it on the PAM stack." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:190 msgid "<option>prompt_always</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:194 msgid "" "Always prompt the user for credentials. With this option credentials " "requested by other PAM modules, typically a password, will be ignored and " "pam_sss will prompt for credentials again. Based on the pre-auth reply by " "SSSD pam_sss might prompt for a password, a Smartcard PIN or other " "credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:207 msgid "MODULE TYPES PROVIDED" msgstr "TYPES DE MODULES FOURNIS" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:208 msgid "" "All module types (<option>account</option>, <option>auth</option>, " "<option>password</option> and <option>session</option>) are provided." msgstr "" "Tous les types de module (<option>account</option>, <option>auth</option>, " "<option>password</option> et <option>session</option>) sont fournis." #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:214 msgid "FILES" msgstr "FICHIERS" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:215 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " "This message can e.g. contain instructions about how to reset a password." msgstr "" "Si une réinitialisation par root d'un mot de passe échoue parce que le " "fournisseur SSSD correspondant ne prend pas en charge la réinitialisation de " "mot de passe, un message spécifique peut être affiché. Ce message peut, par " "exemple, contenir les instructions permettant la réinitialisation." #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:220 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " "<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" "citerefentry>. If there is no matching file the content of " "<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " "the owner of the files and only root may have read and write permissions " "while all other users must have only read permissions." msgstr "" "Le message est lu depuis le fichier <filename>pam_sss_pw_reset_message.LOC</" "filename> où LOC représente une chaîne de paramètres régionaux retournée par " "<citerefentry><refentrytitle>setlocale</refentrytitle> <manvolnum>3</" "manvolnum></citerefentry>. Si il n'y a aucun fichier correspondant, le " "contenu de <filename>pam_sss_pw_reset_message.txt</filename> est affiché. " "L'utilisateur root doit être le propriétaire des fichiers et seul root peut " "avoir les autorisations en lecture et en écriture alors que tous les autres " "utilisateurs doivent avoir les autorisations en lecture seule." #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:230 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " "displayed." msgstr "" "Ces fichiers sont recherchés dans le dossier <filename>/etc/sssd/customize/" "NOM_DE_DOMAINE/</filename>. Si aucun fichier correspondant n'est présent, un " "message spécifique est affiché." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 msgid "sssd_krb5_locator_plugin" msgstr "sssd_krb5_locator_plugin" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd_krb5_locator_plugin.8.xml:16 msgid "Kerberos locator plugin" msgstr "Greffon de localisation Kerberos" #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " "used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " "libraries what Realm and which KDC to use. Typically this is done in " "<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> which is always read by the Kerberos libraries. " "To simplify the configuration the Realm and the KDC can be defined in " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> as described in <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" "Le greffon de localisation Kerberos <command>sssd_krb5_locator_plugin</" "command> est utilisé par le fournisseur Kerberos de " "<citerefentry><refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> pour indiquer aux bibliothèques Kerberos quel domaine et quel " "KDC à utiliser. En général, cela se fait en " "<citerefentry><refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> qui est toujours lu par les bibliothèques de " "Kerberos. Pour simplifier la configuration, le Domaine et le KDC peuvent " "être définis dans <citerefentry><refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> comme indiqué dans " "<citerefentry><refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:48 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry> puts the Realm and the name or IP address of the KDC into " "the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " "When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " "libraries it reads and evaluates these variables and returns them to the " "libraries." msgstr "" "<citerefentry><refentrytitle>SSSD</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> met le nom de domaine et le nom ou adresse IP du KDC dans les " "variables d'environnement SSSD_KRB5_REALM et SSSD_KRB5_KDC respectivement. " "Lorsque <command>sssd_krb5_locator_plugin</command> est appelé par les " "bibliothèques de kerberos, il lit et évalue ces variables et les transmet " "aux bibliothèques." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:63 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " "you have to edit /etc/krb5.conf to reflect your Kerberos setup." msgstr "" "Toutes les versions de Kerberos ne prennent en charge l'utilisation de " "greffons. Si <command>sssd_krb5_locator_plugin</command> n'est pas présent " "sur votre système, il faut modifier /etc/krb5.conf pour s'adapter à la " "configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:69 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" "Si la variable d'environnement SSSD_KRB5_LOCATOR_DEBUG a une valeur " "quelconque, des messages de débogage seront envoyés sur la sortie standard " "d'erreur." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:73 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" msgstr "sssd-simple" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-simple.5.xml:17 msgid "the configuration file for SSSD's 'simple' access-control provider" msgstr "" "le fichier de configuration pour le fournisseur de contrôle d'accès « " "simple » de SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:24 msgid "" "This manual page describes the configuration of the simple access-control " "provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " "refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du fournisseur de contrôle " "d'accès simple de <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>. Pour plus de détails sur la " "syntaxe, cf. la section <quote>FORMAT DE FICHIER</quote> de la page de " "manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:38 msgid "" "The simple access provider grants or denies access based on an access or " "deny list of user or group names. The following rules apply:" msgstr "" "Le fournisseur d'accès simple autorise les accès à partir de listes " "d'autorisation ou de refus de noms d'utilisateurs ou de groupes. Les règles " "suivantes s'appliquent :" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:43 msgid "If all lists are empty, access is granted" msgstr "Si toutes les listes sont vides, l'accès est autorisé" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:47 msgid "" "If any list is provided, the order of evaluation is allow,deny. This means " "that any matching deny rule will supersede any matched allow rule." msgstr "" "Si une liste est fournie, quelle qu'elle soit, l'ordre d'évaluation est " "allow,deny. Autrement dit une règle de refus écrasera une règle " "d'autorisation." #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:54 msgid "" "If either or both \"allow\" lists are provided, all users are denied unless " "they appear in the list." msgstr "" "Si la ou les listes fournies sont seulement de type « allow », tous les " "utilisateurs sont refusés à moins qu'ils ne soient dans la liste." #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:60 msgid "" "If only \"deny\" lists are provided, all users are granted access unless " "they appear in the list." msgstr "" "Si seulement les listes « deny » sont utilisées, tous les utlisateurs sont " "autorisés à moins qu'ils ne soient dans la liste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:78 msgid "simple_allow_users (string)" msgstr "simple_allow_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:81 msgid "Comma separated list of users who are allowed to log in." msgstr "" "Liste séparée par des virgules d'utilisateurs autorisés à se connecter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:88 msgid "simple_deny_users (string)" msgstr "simple_deny_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:91 msgid "Comma separated list of users who are explicitly denied access." msgstr "" "Liste séparée par des virgules d'utilisateurs dont l'accès sera refusé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:97 msgid "simple_allow_groups (string)" msgstr "simple_allow_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:100 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" "Liste séparée par des virgules de groupes autorisés à se connecter. Ceci ne " "s'applique qu'à des groupes dans un domaine SSSD. Les groupes locaux ne sont " "pas pris en compte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:108 msgid "simple_deny_groups (string)" msgstr "simple_deny_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:111 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" "Liste séparée par des virgules de groupes dont l'accès sera refusé. Ceci ne " "s'applique qu'à des groupes dans un domaine SSSD. Les groupes locaux ne sont " "pas pris en compte." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> manual page for details on the configuration of an SSSD " "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Se référer à la section <quote>SECTIONS DE DOMAINE</quote> de la page de " "manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour les détails sur la configuration d'un " "domaine SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" "Specifying no values for any of the lists is equivalent to skipping it " "entirely. Beware of this while generating parameters for the simple provider " "using automated scripts." msgstr "" "Ne spécifier aucune valeur pour aucune des listes revient à l'ignorer " "complètement. Se méfier de ceci lors de la création des paramètres pour le " "fournisseur simple à l'aide automatique de scripts." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:125 msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" "Veuillez noter que la configuration simultanée de simple_allow_users et " "simple_deny_users est une erreur." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This examples shows only the simple access provider-specific options." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et que example." "com est un des domaines dans la section <replaceable>[sssd]</replaceable>. " "Ces exemples montrent seulement les options spécifiques du fournisseur " "d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-simple.5.xml:140 #, no-wrap msgid "" "[domain/example.com]\n" "access_provider = simple\n" "simple_allow_users = user1, user2\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:150 msgid "" "The complete group membership hierarchy is resolved before the access check, " "thus even nested groups can be included in the access lists. Please be " "aware that the <quote>ldap_group_nesting_level</quote> option may impact the " "results and should be set to a sufficient value. (<citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>) option." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss-certmap.5.xml:10 sss-certmap.5.xml:16 msgid "sss-certmap" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss-certmap.5.xml:17 msgid "SSSD Certificate Matching and Mapping Rules" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss-certmap.5.xml:23 msgid "" "The manual page describes the rules which can be used by SSSD and other " "components to match X.509 certificates and map them to accounts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss-certmap.5.xml:28 msgid "" "Each rule has four components, a <quote>priority</quote>, a <quote>matching " "rule</quote>, a <quote>mapping rule</quote> and a <quote>domain list</" "quote>. All components are optional. A missing <quote>priority</quote> will " "add the rule with the lowest priority. The default <quote>matching rule</" "quote> will match certificates with the digitalSignature key usage and " "clientAuth extended key usage. If the <quote>mapping rule</quote> is empty " "the certificates will be searched in the userCertificate attribute as DER " "encoded binary. If no domains are given only the local domain will be " "searched." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss-certmap.5.xml:41 msgid "RULE COMPONENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss-certmap.5.xml:43 msgid "PRIORITY" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:45 msgid "" "The rules are processed by priority while the number '0' (zero) indicates " "the highest priority. The higher the number the lower is the priority. A " "missing value indicates the lowest priority." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:50 msgid "" "Internally the priority is treated as unsigned 32bit integer, using a " "priority value larger than 4294967295 will cause an error." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss-certmap.5.xml:55 msgid "MATCHING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:57 msgid "" "The matching rule is used to select a certificate to which the mapping rule " "should be applied. It uses a system similar to the one used by " "<quote>pkinit_cert_match</quote> option of MIT Kerberos. It consists of a " "keyword enclosed by '<' and '>' which identified a certain part of the " "certificate and a pattern which should be found for the rule to match. " "Multiple keyword pattern pairs can be either joined with '&&' (and) " "or '||' (or)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:69 msgid "<SUBJECT>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:72 msgid "" "With this a part or the whole subject name of the certificate can be " "matched. For the matching POSIX Extended Regular Expression syntax is used, " "see regex(7) for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:78 msgid "" "For the matching the subject name stored in the certificate in DER encoded " "ASN.1 is converted into a string according to RFC 4514. This means the most " "specific name component comes first. Please note that not all possible " "attribute names are covered by RFC 4514. The names included are 'CN', 'L', " "'ST', 'O', 'OU', 'C', 'STREET', 'DC' and 'UID'. Other attribute names might " "be shown differently on different platform and by different tools. To avoid " "confusion those attribute names are best not used or covered by a suitable " "regular-expression." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:91 msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:96 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:99 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:104 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:109 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:112 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:116 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:117 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:118 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:119 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:120 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:121 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:122 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:123 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:124 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:128 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:132 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:137 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:140 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:144 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:145 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:146 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:147 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:148 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:149 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:150 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:151 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:152 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:156 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:160 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:165 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:168 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" "Principal> does." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:173 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:178 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:181 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:185 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:190 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:193 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:197 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:202 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:205 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:213 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:216 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " "regular expression." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:222 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:227 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:230 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " "otherName components with special encodings which could not be treated as " "strings." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:237 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:242 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:245 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:248 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:253 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:256 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:259 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:264 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:267 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:270 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:275 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:278 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:283 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:288 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:291 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:294 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:299 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:302 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:305 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:310 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:313 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:316 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:321 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:324 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:328 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:66 msgid "" "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss-certmap.5.xml:336 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:338 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " "then be used to authenticate as one of those accounts." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:343 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " "this the mapping rule is based on LDAP search filter syntax with templates " "to add certificate content to the filter. It is expected that the filter " "will only contain the specific data needed for the mapping and that the " "caller will embed it in another filter to do the actual search. Because of " "this the filter string should start and stop with '(' and ')' respectively." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:353 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " "'altSecurityIdentities' attribute in AD or the 'ipaCertMapData' attribute " "for IPA can be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:359 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " "is that the user specific data in LDAP might change for various reasons " "would break the mapping. On the other hand it would be hard to break the " "mapping on purpose for a specific user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:374 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:377 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " "the '_x500' prefix should be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:383 sss-certmap.5.xml:409 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:387 sss-certmap.5.xml:413 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:391 sss-certmap.5.xml:417 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:395 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:400 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:403 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " "the '_x500' prefix should be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:421 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:426 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:429 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " "either converted to an escaped hex sequence '\\xx' or base64. The escaped " "hex sequence is the default and can e.g. be used with the LDAP attribute " "'userCertificate;binary'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:437 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:442 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:445 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " "represents the first part of the principal before the '@' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:451 sss-certmap.5.xml:479 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:456 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:459 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " "principal before the '@' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:465 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:470 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:473 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " "before the '@' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:484 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:487 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " "represents the first part of the address before the '@' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:493 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:498 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:501 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " "component represents the first part of the name before the first '.' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:507 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:512 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:515 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:519 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:524 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:527 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:531 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:536 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:539 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:544 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:549 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:552 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:556 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:561 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:564 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:569 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:574 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:582 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:367 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " "with an optional sub-component specifier separated by a '.' or an optional " "conversion/formatting option separated by a '!'. Allowed values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss-certmap.5.xml:590 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:592 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " "as they are know by SSSD. Domains not know to SSSD will be ignored." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 msgid "sssd-ipa" msgstr "sssd-ipa" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ipa.5.xml:17 msgid "SSSD IPA provider" msgstr "Fournisseur IPA SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:23 msgid "" "This manual page describes the configuration of the IPA provider for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du fournisseur IPA pour " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. Pour une référence détaillée sur la syntaxe, veuillez " "regarder la section <quote>FORMAT DE FICHIER</quote> de la page de manuel " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:36 msgid "" "The IPA provider is a back end used to connect to an IPA server. (Refer to " "the freeipa.org web site for information about IPA servers.) This provider " "requires that the machine be joined to the IPA domain; configuration is " "almost entirely self-discovered and obtained directly from the server." msgstr "" "Le fournisseur IPA est le moteur pour se connecter à un serveur IPA. (Cf. le " "site freeipa.org pour plus d'informations sur les serveurs IPA). Ce " "fournisseur nécessite que la machine soit joignable pour le domaine IPA ; la " "configuration est presque entièrement obtenue et auto-découverte à partir du " "serveur." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:43 msgid "" "The IPA provider enables SSSD to use the <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> identity " "provider and the <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> authentication provider with " "optimizations for IPA environments. The IPA provider accepts the same " "options used by the sssd-ldap and sssd-krb5 providers with some exceptions. " "However, it is neither necessary nor recommended to set these options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:57 msgid "" "The IPA provider primarily copies the traditional ldap and krb5 provider " "default options with some exceptions, the differences are listed in the " "<quote>MODIFIED DEFAULT OPTIONS</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:62 msgid "" "As an access provider, the IPA provider uses HBAC (host-based access " "control) rules. Please refer to freeipa.org for more information about " "HBAC. No configuration of access provider is required on the client side." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" "Le fournisseur IPA utilisera le répondeur PAC si les tickets Kerberos " "d'utilisateurs de domaines Kerberos approuvés contiennent un PAC. Pour " "rendre la configuration plus facile, le répondeur PAC est démarré " "automatiquement si le fournisseur d'ID de IPA est configuré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:83 msgid "ipa_domain (string)" msgstr "ipa_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:86 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" "Définit le nom du domaine IPA. Facultatif, s'il n'est pas fourni, le nom de " "domaine de la configuration est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:94 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:97 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " "on failover and server redundancy, see the <quote>FAILOVER</quote> section. " "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" "La liste par ordre de préférence séparée par des virgules des adresses IP ou " "des noms de systèmes des serveurs IPA auxquels SSSD doit se connecter . Pour " "plus d'informations sur la redondance de serveurs et la bascule, consulter " "la section <quote>BASCULE</quote>. Ceci est facultatif si la découverte " "automatique est activée. Pour plus d'informations sur la découverte de " "services, se reporter à la section de <quote>DÉCOUVERTE DE SERVICE</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:110 msgid "ipa_hostname (string)" msgstr "ipa_hostname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:113 #, fuzzy #| msgid "" #| "Optional. May be set on machines where the hostname(5) does not reflect " #| "the fully qualified name used in the IPA domain to identify this host." msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " "hostname must be fully qualified." msgstr "" "Facultatif. Peut être défini pour des machines dont le hostname(5) ne " "reflète pas le nom de domaine pleinement qualifié du domaine IPA pour " "identifier l'hôte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:125 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " "using GSS-TSIG. The IP address of the IPA LDAP connection is used for the " "updates, if it is not otherwise specified by using the <quote>dyndns_iface</" "quote> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" "NOTE : Sur les systèmes plus anciens (tels que RHEL 5), afin que ce " "comportement fonctionne de façon fiable, le domaine Kerberos par défaut doit " "être défini correctement dans /etc/krb5.conf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:139 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" "emphasis> in their config file." msgstr "" "REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option " "<emphasis>ipa_dyndns_update</emphasis>, les utilisateurs doivent maintenant " "utiliser <emphasis>dyndns_update</emphasis> dans leur fichier de " "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " "serverside if set by an administrator." msgstr "" "Le TTL à appliquer à l'enregistrement du client DNS lors de sa mise à jour. " "Si dyndns_update a la valeur false, cela n'a aucun effet. Cela remplacera le " "TTL côté serveur s'il est défini par un administrateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:159 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" "emphasis> in their config file." msgstr "" "REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option " "<emphasis>ipa_dyndns_ttl</emphasis>, les utilisateurs doivent maintenant " "utiliser <emphasis>dyndns_ttl</emphasis> dans leur fichier de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:165 msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " "updates. Special value <quote>*</quote> implies that IPs from all interfaces " "should be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:181 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" "emphasis> in their config file." msgstr "" "REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option " "<emphasis>ipa_dyndns_iface</emphasis>, les utilisateurs doivent maintenant " "utiliser <emphasis>dyndns_iface</emphasis> dans leur fichier de " "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:187 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " "option to 'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:212 msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 msgid "Enables DNS sites - location based service discovery." msgstr "Active les sites DNS - découverte de service basée sur l'emplacement" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " "based discovery using a query that contains \"_location.hostname.example.com" "\" and then fall back to traditional SRV discovery. If the location based " "discovery succeeds, the IPA servers located with the location based " "discovery are treated as primary servers and the IPA servers located using " "the traditional SRV discovery are used as back up servers" msgstr "" "Si true et que la découverte de service (cf. le paragraphe Découverte de " "service au bas de la page de manuel) est activée, alors SSSD tentera d'abord " "une découverte basée sur l'emplacement en utilisant une requête contenant " "« _location.hostname.example.com », puis reviendra à une découverte SRV " "traditionnelle. Si la découverte basée sur l'emplacement réussit, les " "serveurs IPA ainsi découverts sont traités comme serveurs primaires, et les " "serveurs identifiés via la découverte basée sur les enregistrements SRV " "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:241 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " "optional and applicable only when dyndns_update is true." msgstr "" "Fréquence de mise à jour des DNS par le moteur en plus des mises à jour " "automatiques effectuées lorsque le moteur arrive en ligne. Cette option est " "facultative, et n'est applicable que lorsque l'option dyndns_update est " "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" "Selon que l'enregistrement PTR doit être explicitement mis à jour lors de la " "mise à jour des enregistrements DNS du client. Applicable uniquement lorsque " "l'option dyndns_update est configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:262 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" "Cette option doit être positionnée à False pour la plupart des déploiements " "IPA, puisque le serveur IPA crée les enregistrements PTR automatiquement " "quand les enregistrements directs sont modifiés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:268 msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" "Selon que l'utilitaire nsupdate doit utiliser TCP par défaut pour la " "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:311 #, fuzzy #| msgid "ipa_views_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_views_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:314 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" "Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets " "HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 msgid "Default: Use base DN" msgstr "Par défaut : utilise le DN de base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:324 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:327 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets " "HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:337 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:340 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger " "des objets." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 #: sssd-ipa.5.xml:420 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" "Cf. <quote>ldap_search_base</quote> pour plus d'informations sur la " "configuration des bases de recherche multiples." #. type: Content of: <listitem><para> #: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:356 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:359 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour les " "mappages utilisateur SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:375 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:378 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour les " "domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:387 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:394 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:397 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche objet de " "domaine maître." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:406 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:413 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:416 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:425 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" "Le nom du domaine Kerberos. Facultatif, prend comme valeur par défaut la " "valeur de <quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:439 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" "Le nom du domaine Kerberos a une signification spéciale dans IPA. Il est " "convertit en DN de base pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:465 #, fuzzy #| msgid "ipa_hbac_refresh (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_hbac_refresh (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:468 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " #| "server. This will reduce the latency and load on the IPA server if there " #| "are many access-control requests made in a short period." msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " "are many desktop profiles requests made in a short period." msgstr "" "Le temps entre deux recherches de règles HBAC sur un serveur IPA. Cela " "permet de réduire le temps de latence et la charge du serveur IPA si il y a " "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:481 #, fuzzy #| msgid "ldap_sudo_full_refresh_interval (integer)" msgid "ipa_deskprofile_request_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:484 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " #| "server. This will reduce the latency and load on the IPA server if there " #| "are many access-control requests made in a short period." msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" "Le temps entre deux recherches de règles HBAC sur un serveur IPA. Cela " "permet de réduire le temps de latence et la charge du serveur IPA si il y a " "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:489 #, fuzzy #| msgid "Default: 900 (15 minutes)" msgid "Default: 60 (minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:495 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:498 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " "access-control requests made in a short period." msgstr "" "Le temps entre deux recherches de règles HBAC sur un serveur IPA. Cela " "permet de réduire le temps de latence et la charge du serveur IPA si il y a " "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:511 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:514 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " "many user login requests made in a short period." msgstr "" "Le temps entre les recherches de cartes SELinux sur un serveur IPA. Cela " "réduit le temps de latence et la charge du serveur IPA s'il y a beaucoup de " "requêtes de connexions utilisateurs sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:527 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:530 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:535 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:546 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:549 msgid "The automounter location this IPA client will be using" msgstr "L'emplacement à automonter qu'utilisera ce client IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:552 msgid "Default: The location named \"default\"" msgstr "Par défaut : Le lieu nommé « default »" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:560 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:569 msgid "ipa_view_class (string)" msgstr "ipa_view_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:572 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:575 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:581 msgid "ipa_view_name (string)" msgstr "ipa_view_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:584 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:594 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:597 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:600 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:606 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:609 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:613 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:619 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:622 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:627 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:630 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:633 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:636 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:639 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:642 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:645 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:648 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:653 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:659 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:662 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:667 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:670 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:673 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:678 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:562 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " "side there is basically no need to configure anything. For completeness the " "related options are listed here with their default values. <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:690 msgid "SUBDOMAINS PROVIDER" msgstr "FOURNISSEURS DE SOUS-DOMAINES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:692 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" "Le fournisseur de sous-domaines IPA se comporte un peu différemment s'il est " "configuré explicitement ou implicitement." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:696 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " "subdomain requests are sent to the IPA server if necessary." msgstr "" "Si l'option « subdomains_provider = ipa » se trouve dans la section domaine " "de sssd.conf, le fournisseur de sous-domaines d'IPA est configuré " "explicitement, et toutes les demandes de sous-domaines sont envoyées au " "serveur IPA si nécessaire." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:702 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " "provider is configured implicitly. In this case, if a subdomain request " "fails and indicates that the server does not support subdomains, i.e. is not " "configured for trusts, the IPA subdomains provider is disabled. After an " "hour or after the IPA provider goes online, the subdomains provider is " "enabled again." msgstr "" "Si l'option « subdomains_provider » n'est pas définie dans la section " "domaine de sssd.conf, mais qu'il y a l'option « id_provider = ipa », le " "fournisseur de sous-domaines IPA est configuré implicitement. Dans ce cas, " "si une demande de sous-domaine échoue et indique que le serveur ne prend pas " "en charge les sous-domaines, c'est-à-dire qu'il n'est pas configuré pour les " "relations d'approbations, le fournisseur de sous-domaines IPA est désactivé. " "Après une heure ou après que le fournisseur IPA arrive en ligne, le " "fournisseur de sous-domaines est à nouveau activé." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:719 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This examples shows only the ipa provider-specific options." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et example.com " "est un des domaines de la section <replaceable>[sssd]</replaceable>. Ces " "exemples montrent seulement les options spécifiques au fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ipa.5.xml:726 #, no-wrap msgid "" "[domain/example.com]\n" "id_provider = ipa\n" "ipa_server = ipaserver.example.com\n" "ipa_hostname = myhost.example.com\n" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ad.5.xml:10 sssd-ad.5.xml:16 msgid "sssd-ad" msgstr "sssd-ad" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ad.5.xml:17 msgid "SSSD Active Directory provider" msgstr "Fournisseur Active Directory SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:23 msgid "" "This manual page describes the configuration of the AD provider for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du fournisseur AD pour " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. Pour une référence détaillée sur la syntaxe, cf. la section " "<quote>FORMAT DE FICHIER</quote> de la page de manuel <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:36 msgid "" "The AD provider is a back end used to connect to an Active Directory server. " "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " "superceded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:44 msgid "" "The AD provider supports connecting to Active Directory 2008 R2 or later. " "Earlier versions may work, but are unsupported." msgstr "" "Le fournisseur AD prend en charge la connexion à Active Directory 2008 R2 ou " "ultérieures. Les versions antérieures peuvent fonctionner, mais ne sont pas " "supportées." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:48 msgid "" "The AD provider can be used to get user information and authenticate users " "from trusted domains. Currently only trusted domains in the same forest are " "recognized. In addition servers from trusted domains are always auto-" "discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:54 msgid "" "The AD provider enables SSSD to use the <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> identity " "provider and the <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> authentication provider with " "optimizations for Active Directory environments. The AD provider accepts the " "same options used by the sssd-ldap and sssd-krb5 providers with some " "exceptions. However, it is neither necessary nor recommended to set these " "options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:69 msgid "" "The AD provider primarily copies the traditional ldap and krb5 provider " "default options with some exceptions, the differences are listed in the " "<quote>MODIFIED DEFAULT OPTIONS</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:74 msgid "" "The AD provider can also be used as an access, chpass, sudo and autofs " "provider. No configuration of the access provider is required on the client " "side." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ad.5.xml:85 #, no-wrap msgid "" "ldap_id_mapping = False\n" " " msgstr "" "ldap_id_mapping = False\n" " " #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:79 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " "<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " "and groups using POSIX attributes from trusted domains, the AD administrator " "must make sure that the POSIX attributes are replicated to the Global " "Catalog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:92 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " "LDAP implementation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:107 msgid "ad_domain (string)" msgstr "ad_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:110 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" "Spécifie le nom du domaine Active Directory. Ceci est facultatif. S'il " "n'est pas fourni, le nom de domaine de la configuration est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:115 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" "Pour un fonctionnement correct, cette option doit être le nom long du " "domaine Active Directory, spécifié en minuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:120 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" "Le nom de domaine court (aussi connu comme le nom NetBIOS ou nom plat) est " "autodétecté par SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:127 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:130 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " "domains from the AD forest will be available." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:140 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:136 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:144 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:154 msgid "ad_server, ad_backup_server (string)" msgstr "ad_server, ad_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:157 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " "redundancy, see the <quote>FAILOVER</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:164 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:169 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:177 msgid "ad_hostname (string)" msgstr "ad_hostname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:180 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " "host." msgstr "" "Facultatif. Peut être défini sur les machines où le hostname(5) ne reflète " "pas le nom pleinenent qualifié utilisé dans le domaine Active Directory pour " "identifier ce système." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:186 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" "Ce champ est utilisé pour déterminer le principal d'hôte utilisé dans un " "fichier keytab. Elle doit correspondre au nom du système pour lequel a été " "publié un fichier keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:194 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:201 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " "Active Directory server to connect to using the Active Directory Site " "Discovery and fall back to the DNS SRV records if no AD site is found. The " "DNS SRV configuration, including the discovery domain, is used during site " "discovery as well." msgstr "" "Si configuré à true et que la découverte de service (cf. le paragraphe " "Découverte de service au bas de la page de manuel) est activée, SSSD tentera " "d'abord de découvrir le serveur Active Directory auquel se connecter en " "utilisant Active Directory Site Discovery, puis se repliera sur " "l'utilisation des enregistrements DNS SRV si aucun site AD n'est trouvé. La " "configuration SRV du DNS, incluant la découverte de domaine, est aussi " "utilisée pendant la découverte de site." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:217 msgid "ad_access_filter (string)" msgstr "ad_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:220 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:228 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " "The keyword can be either <quote>DOM</quote>, <quote>FOREST</quote> or " "missing." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:236 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " "keyword equals to <quote>FOREST</quote>, then the filter equals to all " "domains from the forest specified by <quote>NAME</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:244 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:249 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." "example.org: syntax to ensure the parser does not attempt to interpret the " "colon characters associated with the OID. If you do not use this OID then " "nested group membership will not be resolved. See usage example below and " "refer here for further information about the OID: <ulink url=\"https://msdn." "microsoft.com/en-us/library/cc223367.aspx\"> [MS-ADTS] section LDAP " "extensions</ulink>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:262 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" "domain filter would be applied. If there are more matches with the same " "specification, the first one is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #: sssd-ad.5.xml:273 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" "dom1:(memberOf=cn=admins,ou=groups,dc=dom1,dc=com)\n" "\n" "# apply filter on domain called dom2 only:\n" "DOM:dom2:(memberOf=cn=admins,ou=groups,dc=dom2,dc=com)\n" "\n" "# apply filter on forest called EXAMPLE.COM only:\n" "FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com)\n" "\n" "# apply filter for a member of a nested group in dom1:\n" "DOM:dom1:(memberOf:1.2.840.113556.1.4.1941:=cn=nestedgroup,ou=groups,dc=example,dc=com)\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:292 msgid "ad_site (string)" msgstr "ad_site (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:295 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:306 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:309 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " "as a fallback. Disabling this option makes the SSSD only connect to the LDAP " "port of the current AD server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:317 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " "port of trusted domains instead. However, Global Catalog must be used in " "order to resolve cross-domain group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:331 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:334 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " "permissive mode. Please note that the <quote>access_provider</quote> option " "must be explicitly set to <quote>ad</quote> in order for this option to have " "an effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:343 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:349 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " "(as dictated by the GPO policy settings). In order to facilitate a smooth " "transition for administrators, a permissive mode is available that will not " "enforce the access control rules, but will evaluate them and will output a " "syslog message if access would have been denied. By examining the logs, " "administrators can then make the necessary changes before setting the mode " "to enforcing." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:362 msgid "There are three supported values for this option:" msgstr "Il existe trois valeurs prises en charge pour cette option :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:366 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:372 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:378 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " "have been denied access if this option's value were set to enforcing." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:389 msgid "Default: permissive" msgstr "Par défaut : permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:392 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:398 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:401 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:414 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:417 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " "DenyInteractiveLogonRight policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:423 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:437 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:428 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for this logon right (e.g. " "<quote>login</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 #: sssd-ad.5.xml:694 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:445 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:450 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:455 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:460 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:465 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:470 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:475 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:480 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:485 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:490 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:495 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:500 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:509 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:512 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " "DenyRemoteInteractiveLogonRight policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:518 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " "Desktop Services\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:533 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:524 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for this logon right (e.g. " "<quote>sshd</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:541 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:546 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:555 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:558 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " "DenyNetworkLogonRight policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:564 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " "network\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:579 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:570 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for this logon right (e.g. " "<quote>ftp</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:587 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:592 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:601 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:604 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " "policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:610 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:624 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:615 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for this logon right (e.g. " "<quote>crond</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:632 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:641 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:644 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " "DenyServiceLogonRight policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:650 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:663 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:655 sssd-ad.5.xml:730 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " "to remove a PAM service name from the default set. For example, in order to " "add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " "would use the following configuration: <placeholder type=\"programlisting\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:673 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:676 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:690 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:681 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for unconditionally permitted " "access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:698 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:703 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:708 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:713 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:722 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:725 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:738 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:748 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:751 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " "option can be set in two different manners. First, this option can be set to " "use a default logon right. For example, if this option is set to " "'interactive', it means that unmapped PAM service names will be processed " "based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " "settings. Alternatively, this option can be set to either always permit or " "always deny access for unmapped PAM service names." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:764 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:768 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:773 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:778 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:783 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:788 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:793 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:798 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:804 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:810 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:813 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " "attempt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:819 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:825 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:828 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " "defines the interval in seconds how often the task is run. The second " "specifies the initial timeout in seconds before the task is run for the " "first time after startup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:837 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:846 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " "only needs to allow secure updates for the DNS zone. The IP address of the " "AD LDAP connection is used for the updates, if it is not otherwise specified " "by using the <quote>dyndns_iface</quote> option." msgstr "" "Facultatif. Cette option indique à SSSD de mettre à jour automatiquement le " "serveur DNS intégré à IPA v2 avec l'adresse IP de ce client. La mise à jour " "est sécurisée avec GSS-TSIG. Ainsi, l'administrateur Active Directory a " "uniquement besoin d'activer les mises à jour sécurisées pour la zone DNS. " "L'adresse IP de la connexion LDAP AD est utilisée pour les mises à jour, à " "moins qu'elle ne soit spécifiée par l'utilisation de l'option " "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:876 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:892 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:905 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " "optional and applicable only when dyndns_update is true. Note that the " "lowest possible value is 60 seconds in-case if value is provided less than " "60, parameter will assume lowest value only." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:1020 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This example shows only the AD provider-specific options." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et example.com " "est un des domaines de la section <replaceable>[sssd]</replaceable>. Ces " "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ad.5.xml:1027 #, no-wrap msgid "" "[domain/EXAMPLE]\n" "id_provider = ad\n" "auth_provider = ad\n" "access_provider = ad\n" "chpass_provider = ad\n" "\n" "ad_server = dc1.example.com\n" "ad_hostname = client.example.com\n" "ad_domain = example.com\n" msgstr "" "[domain/EXAMPLE]\n" "id_provider = ad\n" "auth_provider = ad\n" "access_provider = ad\n" "chpass_provider = ad\n" "\n" "ad_server = dc1.example.com\n" "ad_hostname = client.example.com\n" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ad.5.xml:1047 #, no-wrap msgid "" "access_provider = ldap\n" "ldap_access_order = expire\n" "ldap_account_expire_policy = ad\n" msgstr "" "access_provider = ldap\n" "ldap_access_order = expire\n" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:1043 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" "Le fournisseur de contrôle d'accès AD vérifie si le compte a expiré. Cela a " "le même effet que la configuration suivante du fournisseur LDAP : " "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:1053 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " "note that if you configure an access provider other than <quote>ad</quote>, " "you need to set all the connection parameters (such as LDAP URIs and " "encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:1061 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " "are included in the default Active Directory schema." msgstr "" #. type: Content of: <reference><refentry><refmeta><refentrytitle> #: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16 sssd-session-recording.5.xml:10 msgid "sssd-sudo" msgstr "sssd-sudo" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-sudo.5.xml:17 msgid "Configuring sudo with the SSSD back end" msgstr "Configuration de sudo avec le moteur SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:23 msgid "" "This manual page describes how to configure <citerefentry> " "<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " "to work with <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules." msgstr "" "Cette page de manuel décrit comment configurer " "<citerefentry><refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> pour travailler avec <citerefentry><refentrytitle>sssd</" "refentrytitle> <manvolnum>8</manvolnum></citerefentry> et comment SSSD met " "en cache les règles sudo." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-sudo.5.xml:36 msgid "Configuring sudo to cooperate with SSSD" msgstr "Configuration de sudo pour coopérer avec SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:38 msgid "" "To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to " "the <emphasis>sudoers</emphasis> entry in <citerefentry> " "<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." msgstr "" "Pour activer SSSD comme source pour les règles de sudo, ajouter " "<emphasis>sss</emphasis> à l'entrée <emphasis>sudoers</emphasis> dans " "<citerefentry><refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:47 msgid "" "For example, to configure sudo to first lookup rules in the standard " "<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> file (which should contain rules that apply to " "local users) and then in SSSD, the nsswitch.conf file should contain the " "following line:" msgstr "" "Par exemple, pour configurer sudo pour rechercher d'abord les règles dans le " "fichier standard <citerefentry><refentrytitle>sudoers</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> (qui doit contenir les règles qui " "s'appliquent aux utilisateurs locaux) et ensuite dans SSSD, le fichier " "nsswitch.conf doit contenir la ligne suivante :" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-sudo.5.xml:57 #, no-wrap msgid "sudoers: files sss\n" msgstr "sudoers: files sss\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:61 msgid "" "More information about configuring the sudoers search order from the " "nsswitch.conf file as well as information about the LDAP schema that is used " "to store sudo rules in the directory can be found in <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." msgstr "" "Plus d'informations sur la configuration de l'ordre de recherche de sudoers " "depuis le fichier nsswitch.conf, mais aussi les informations sur le schéma " "LDAP qui est utilisé pour stocker les règles sudo dans l'annuaire sont " "disponibles dans <citerefentry><refentrytitle>sudoers.ldap</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:70 msgid "" "<emphasis>Note</emphasis>: in order to use netgroups or IPA hostgroups in " "sudo rules, you also need to correctly set <citerefentry> " "<refentrytitle>nisdomainname</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> to your NIS domain name (which equals to IPA domain name when " "using hostgroups)." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-sudo.5.xml:82 msgid "Configuring SSSD to fetch sudo rules" msgstr "Configuration de SSSD pour aller chercher les règles de sudo" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:84 msgid "" "All configuration that is needed on SSSD side is to extend the list of " "<emphasis>services</emphasis> with \"sudo\" in [sssd] section of " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>. To speed up the LDAP lookups, you can also set " "search base for sudo rules using <emphasis>ldap_sudo_search_base</emphasis> " "option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:94 msgid "" "The following example shows how to configure SSSD to download sudo rules " "from an LDAP server." msgstr "" "L'exemple suivant montre comment configurer SSSD pour télécharger les règles " "sudo à partir d'un serveur LDAP." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-sudo.5.xml:99 #, no-wrap msgid "" "[sssd]\n" "config_file_version = 2\n" "services = nss, pam, sudo\n" "domains = EXAMPLE\n" "\n" "[domain/EXAMPLE]\n" "id_provider = ldap\n" "sudo_provider = ldap\n" "ldap_uri = ldap://example.com\n" "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n" msgstr "" "[sssd]\n" "config_file_version = 2\n" "services = nss, pam, sudo\n" "domains = EXAMPLE\n" "\n" "[domain/EXAMPLE]\n" "id_provider = ldap\n" "sudo_provider = ldap\n" "ldap_uri = ldap://example.com\n" "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:98 msgid "" "<placeholder type=\"programlisting\" id=\"0\"/> <phrase condition=" "\"have_systemd\"> It's important to note that on platforms where systemd is " "supported there's no need to add the \"sudo\" provider to the list of " "services, as it became optional. However, sssd-sudo.socket must be enabled " "instead. </phrase>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:118 msgid "" "When SSSD is configured to use IPA as the ID provider, the sudo provider is " "automatically enabled. The sudo search base is configured to use the IPA " "native LDAP tree (cn=sudo,$SUFFIX). If any other search base is defined in " "sssd.conf, this value will be used instead. The compat tree (ou=sudoers," "$SUFFIX) is no longer required for IPA sudo functionality." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-sudo.5.xml:128 msgid "The SUDO rule caching mechanism" msgstr "Le mécanisme de mise en cache de règles SUDO" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:130 msgid "" "The biggest challenge, when developing sudo support in SSSD, was to ensure " "that running sudo with SSSD as the data source provides the same user " "experience and is as fast as sudo but keeps providing the most current set " "of rules as possible. To satisfy these requirements, SSSD uses three kinds " "of updates. They are referred to as full refresh, smart refresh and rules " "refresh." msgstr "" "Le plus grand défi lors du développement de la prise en charge de sudo dans " "SSSD était de de s'assurer que l'utilisation d'un sudo exploitant SSSD comme " "source de données fournissait la même expérience utilisateur et était aussi " "rapide que sudo, tout en conservant le jeu de règles le plus à jour " "possible. Pour satisfaire ces exigences, SSSD utilise trois types de mises à " "jour. Elles sont appelées actualisation complète, rafraîchissement " "intelligent et rafraîchissement des règles." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:138 msgid "" "The <emphasis>smart refresh</emphasis> periodically downloads rules that are " "new or were modified after the last update. Its primary goal is to keep the " "database growing by fetching only small increments that do not generate " "large amounts of network traffic." msgstr "" "Le <emphasis>rafraîchissement intelligent</emphasis> télécharge " "périodiquement les règles qui sont nouvelles ou qui ont été modifiées après " "la dernière mise à jour. Son but premier est d'éviter à la base de données " "de grossir en allant chercher de petits incréments qui ne génèrent pas de " "gros de trafic réseau." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:144 msgid "" "The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored " "in the cache and replaces them with all rules that are stored on the server. " "This is used to keep the cache consistent by removing every rule which was " "deleted from the server. However, full refresh may produce a lot of traffic " "and thus it should be run only occasionally depending on the size and " "stability of the sudo rules." msgstr "" "Le <emphasis>rafracîchissement complèt</emphasis> supprime simplement toutes " "les règles sudo stockées dans le cache et les remplace par toutes les règles " "qui sont stockées sur le serveur. Ceci est utilisé pour assurer la cohérence " "de cache en supprimant toutes les règles qui ont été supprimées du serveur. " "Cependant, un rafraîchissement complet peut produire beaucoup de trafic et " "doit n'être exécuté qu'occasionnellement selon la taille et de la stabilité " "des règles sudo." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:152 msgid "" "The <emphasis>rules refresh</emphasis> ensures that we do not grant the user " "more permission than defined. It is triggered each time the user runs sudo. " "Rules refresh will find all rules that apply to this user, check their " "expiration time and redownload them if expired. In the case that any of " "these rules are missing on the server, the SSSD will do an out of band full " "refresh because more rules (that apply to other users) may have been deleted." msgstr "" "Le <emphasis>rafraîchissement des règles</emphasis> fait en sorte de ne pas " "accorder à l'utilisateur plus d'autorisations que défini. Il est déclenché " "chaque fois que l'utilisateur exécute sudo. L'actualisation des règles " "trouvera toutes les règles qui s'appliquent à cet utilisateur, vérifie leur " "date d'expiration et les retéléchargera si elles ont expiré. Dans le cas où " "l'une de ces règles est manquante sur le serveur, SSSD programmera en " "parallèle un rafraîchissement complet hors ligne car d'autres règles " "(s'appliquant à d'autres utilisateurs) peuvent avoir été supprimées." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:161 msgid "" "If enabled, SSSD will store only rules that can be applied to this machine. " "This means rules that contain one of the following values in " "<emphasis>sudoHost</emphasis> attribute:" msgstr "" "Si activé, SSSD stocke uniquement les règles qui peuvent être appliquées à " "cette machine. En d'autres termes, ce sont les règles qui contiennent une " "des valeurs suivantes dans l'attribut de <emphasis>sudoHost</emphasis> :" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:168 msgid "keyword ALL" msgstr "mot-clé ALL" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:173 msgid "wildcard" msgstr "joker" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:178 msgid "netgroup (in the form \"+netgroup\")" msgstr "netgroup (sous la forme « +netgroup »)" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:183 msgid "hostname or fully qualified domain name of this machine" msgstr "" "nom de système ou le nom de domaine pleinement qualifié de cette machine" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:188 msgid "one of the IP addresses of this machine" msgstr "une des adresses IP de cette machine" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:193 msgid "one of the IP addresses of the network (in the form \"address/mask\")" msgstr "une des adresses IP du réseau (sous la forme « adresse/masque »)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:199 msgid "" "There are many configuration options that can be used to adjust the " "behavior. Please refer to \"ldap_sudo_*\" in <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" "Il existe de nombreuses options de configuration qui peuvent être utilisées " "pour ajuster le comportement. Consulter « ldap_sudo_ * » dans " "<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> et « sudo_ * » dans " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.8.xml:10 sssd.8.xml:15 msgid "sssd" msgstr "sssd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd.8.xml:16 msgid "System Security Services Daemon" msgstr "System Security Services Daemon" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sssd.8.xml:21 msgid "" "<command>sssd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" msgstr "" "<command>sssd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:31 msgid "" "<command>SSSD</command> provides a set of daemons to manage access to remote " "directories and authentication mechanisms. It provides an NSS and PAM " "interface toward the system and a pluggable backend system to connect to " "multiple different account sources as well as D-Bus interface. It is also " "the basis to provide client auditing and policy services for projects like " "FreeIPA. It provides a more robust database to store local users as well as " "extended user data." msgstr "" "<command>SSSD</command> fournit un jeu de démons pour gérer l'accès à des " "dossiers distants et les mécanismes d'authentification. Il fournit une " "interface NSS et PAM au travers du système et un moteur système extensible " "par greffons pour se connecter à de multiples comptes de sources différentes " "en plus d'une interface D-Bus. C'est aussi un moyen de fournir un moyen " "d'audit client et une politique de services pour les projets tels que " "FreeIPA. Il fournit une base de donnée plus robuste pour stocker les " "utilisateurs locaux ainsi que les données étendues des utilisateurs." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:46 msgid "" "<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" "replaceable>" msgstr "" "<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:53 msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:57 msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" msgstr "" "<emphasis>1</emphasis> : Ajouter un horodatage aux messages de débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:60 msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" msgstr "" "<emphasis>0</emphasis> : Désactiver l'horodatage dans les messages de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:69 msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" msgstr "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:73 msgid "" "<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" msgstr "" "<emphasis>1</emphasis> : Ajouter les microsecondes à l'horodatage dans les " "messages de débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:76 msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" msgstr "" "<emphasis>0</emphasis> : Désactiver les microsecondes dans l'horodatage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:85 msgid "<option>-f</option>,<option>--debug-to-files</option>" msgstr "<option>-f</option>,<option>--debug-to-files</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:89 msgid "" "Send the debug output to files instead of stderr. By default, the log files " "are stored in <filename>/var/log/sssd</filename> and there are separate log " "files for every SSSD service and domain." msgstr "" "Envoie la sortie de débogage vers des fichiers plutôt que vers la sortie " "d'erreur standard. Par défaut, les fichiers de sortie sont stockés dans " "<filename>/var/log/sssd</filename> et des fichiers différents sont créés " "pour chaque service et domaine SSSD." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:97 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:101 msgid "Become a daemon after starting up." msgstr "Devenir un démon après le démarrage." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:107 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:111 msgid "Run in the foreground, don't become a daemon." msgstr "Tourner en avant-plan et ne pas devenir un démon." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:117 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:121 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " "consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" "Définit un fichier de configuration autre que celui par défaut (<filename>/" "etc/sssd/sssd.conf</filename>). Pour obtenir des informations sur la syntaxe " "et les options du fichier de configuration, consulter les pages de manuel de " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:135 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:139 msgid "Print version number and exit." msgstr "Afficher le numéro de version et quitter." #. type: Content of: <reference><refentry><refsect1><title> #: sssd.8.xml:147 msgid "Signals" msgstr "Signaux" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:150 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:153 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" "Indique à SSSD de fermer normalement tous ses processus fils puis d'arrêter " "le moniteur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:159 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:162 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " "like logrotate." msgstr "" "Précise à SSSD de ne plus écrire vers son fichier de débogage actuel, de le " "fermer et de le rouvrir. Cela permet de faciliter les rotations de fichiers " "de sortie avec des programmes tels que logrotate." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:170 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " "directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " "directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 msgid "sss_obfuscate" msgstr "sss_obfuscate" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_obfuscate.8.xml:16 msgid "obfuscate a clear text password" msgstr "obscurcir un mot de passe en clair" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_obfuscate.8.xml:21 msgid "" "<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" "replaceable></arg>" msgstr "" "<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" "replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:32 msgid "" "<command>sss_obfuscate</command> converts a given password into human-" "unreadable format and places it into appropriate domain section of the SSSD " "config file." msgstr "" "<command>sss_obfuscate</command> convertit un mot de passe donné en un " "format illisible par un humain et le place dans la section de domaine " "appropriée du fichier de configuration SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:37 msgid "" "The cleartext password is read from standard input or entered " "interactively. The obfuscated password is put into " "<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " "<quote>ldap_default_authtok_type</quote> parameter is set to " "<quote>obfuscated_password</quote>. Refer to <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more details on these parameters." msgstr "" "Le mot de passe en clair est lu dans l'entrée standard ou entré " "interactivement. Les mots de passes chiffrés sont mis dans " "<quote>ldap_default_authtok</quote> pour un domaine SSSD donné et le " "paramètre <quote>ldap_default_authtok_type</quote> est défini à " "<quote>obfuscated_password</quote>. Cf. <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails sur ces paramètres." #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:49 msgid "" "Please note that obfuscating the password provides <emphasis>no real " "security benefit</emphasis> as it is still possible for an attacker to " "reverse-engineer the password back. Using better authentication mechanisms " "such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " "advised." msgstr "" "Veuillez noter que les mots de passe chiffrés ne fournissent <emphasis>aucun " "réel bénéfice de sécurité</emphasis> étant donné qu'il est possible de " "retrouver le mot de passe par ingénierie-inverse. Utiliser un meilleur " "mécanisme d'authentification tel que les certificats côté client ou GSSAPI " "est <emphasis>très</emphasis> conseillé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:63 msgid "<option>-s</option>,<option>--stdin</option>" msgstr "<option>-s</option>,<option>--stdin</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:67 msgid "The password to obfuscate will be read from standard input." msgstr "Le mot de passe chiffré sera lu sur l'entrée standard." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:70 #: sss_ssh_knownhostsproxy.1.xml:78 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" msgstr "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAINE</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:79 msgid "" "The SSSD domain to use the password in. The default name is <quote>default</" "quote>." msgstr "" "Le domaine SSSD auquel est lié le mot de passe. Le nom par défaut est " "<quote>default</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:86 msgid "" "<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" msgstr "" "<option>-f</option>,<option>--file</option> <replaceable>FICHIER</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:91 msgid "Read the config file specified by the positional parameter." msgstr "Lit le fichier de configuration spécifié par le paramètre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:95 msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" msgstr "Par défaut : <filename>/etc/sssd/sssd.conf</filename>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_override.8.xml:10 sss_override.8.xml:15 msgid "sss_override" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_override.8.xml:16 msgid "create local overrides of user and group attributes" msgstr "" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_override.8.xml:21 msgid "" "<command>sss_override</command> <arg choice='plain'><replaceable>COMMAND</" "replaceable></arg> <arg choice='opt'> <replaceable>options</replaceable> </" "arg>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_override.8.xml:32 msgid "" "<command>sss_override</command> enables to create a client-side view and " "allows to change selected values of specific user and groups. This change " "takes effect only on local machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_override.8.xml:37 msgid "" "Overrides data are stored in the SSSD cache. If the cache is deleted, all " "local overrides are lost. Please note that after the first override is " "created using any of the following <emphasis>user-add</emphasis>, " "<emphasis>group-add</emphasis>, <emphasis>user-import</emphasis> or " "<emphasis>group-import</emphasis> command. SSSD needs to be restarted to " "take effect. <emphasis>sss_override</emphasis> prints message when a " "restart is required." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_override.8.xml:50 sssctl.8.xml:41 msgid "AVAILABLE COMMANDS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_override.8.xml:52 msgid "" "Argument <emphasis>NAME</emphasis> is the name of original object in all " "commands. It is not possible to override <emphasis>uid</emphasis> or " "<emphasis>gid</emphasis> to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:59 msgid "" "<option>user-add</option> <emphasis>NAME</emphasis> <optional><option>-n,--" "name</option> NAME</optional> <optional><option>-u,--uid</option> UID</" "optional> <optional><option>-g,--gid</option> GID</optional> " "<optional><option>-h,--home</option> HOME</optional> <optional><option>-s,--" "shell</option> SHELL</optional> <optional><option>-c,--gecos</option> GECOS</" "optional> <optional><option>-x,--certificate</option> BASE64 ENCODED " "CERTIFICATE</optional>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:72 msgid "" "Override attributes of an user. Please be aware that calling this command " "will replace any previous override for the (NAMEd) user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:80 msgid "<option>user-del</option> <emphasis>NAME</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:85 msgid "" "Remove user overrides. However be aware that overridden attributes might be " "returned from memory cache. Please see SSSD option " "<emphasis>memcache_timeout</emphasis> for more details." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:94 msgid "" "<option>user-find</option> <optional><option>-d,--domain</option> DOMAIN</" "optional>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:99 msgid "" "List all users with set overrides. If <emphasis>DOMAIN</emphasis> parameter " "is set, only users from the domain are listed." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:107 msgid "<option>user-show</option> <emphasis>NAME</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:112 msgid "Show user overrides." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:118 msgid "<option>user-import</option> <emphasis>FILE</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:123 msgid "" "Import user overrides from <emphasis>FILE</emphasis>. Data format is " "similar to standard passwd file. The format is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:128 msgid "original_name:name:uid:gid:gecos:home:shell:base64_encoded_certificate" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:131 msgid "" "where original_name is original name of the user whose attributes should be " "overridden. The rest of fields correspond to new values. You can omit a " "value simply by leaving corresponding field empty." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:140 msgid "ckent:superman::::::" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:143 msgid "ckent@krypton.com::501:501:Superman:/home/earth:/bin/bash:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:149 msgid "<option>user-export</option> <emphasis>FILE</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:154 msgid "" "Export all overridden attributes and store them in <emphasis>FILE</" "emphasis>. See <emphasis>user-import</emphasis> for data format." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:162 msgid "" "<option>group-add</option> <emphasis>NAME</emphasis> <optional><option>-n,--" "name</option> NAME</optional> <optional><option>-g,--gid</option> GID</" "optional>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:169 msgid "" "Override attributes of a group. Please be aware that calling this command " "will replace any previous override for the (NAMEd) group." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:177 msgid "<option>group-del</option> <emphasis>NAME</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:182 msgid "" "Remove group overrides. However be aware that overridden attributes might be " "returned from memory cache. Please see SSSD option " "<emphasis>memcache_timeout</emphasis> for more details." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:191 msgid "" "<option>group-find</option> <optional><option>-d,--domain</option> DOMAIN</" "optional>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:196 msgid "" "List all groups with set overrides. If <emphasis>DOMAIN</emphasis> " "parameter is set, only groups from the domain are listed." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:204 msgid "<option>group-show</option> <emphasis>NAME</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:209 msgid "Show group overrides." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:215 msgid "<option>group-import</option> <emphasis>FILE</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:220 msgid "" "Import group overrides from <emphasis>FILE</emphasis>. Data format is " "similar to standard group file. The format is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:225 msgid "original_name:name:gid" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:228 msgid "" "where original_name is original name of the group whose attributes should be " "overridden. The rest of fields correspond to new values. You can omit a " "value simply by leaving corresponding field empty." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:237 msgid "admins:administrators:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:240 msgid "Domain Users:Users:501" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:246 msgid "<option>group-export</option> <emphasis>FILE</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:251 msgid "" "Export all overridden attributes and store them in <emphasis>FILE</" "emphasis>. See <emphasis>group-import</emphasis> for data format." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_override.8.xml:261 sssctl.8.xml:50 msgid "COMMON OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_override.8.xml:263 sssctl.8.xml:52 msgid "Those options are available with all commands." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:268 sssctl.8.xml:57 msgid "<option>--debug</option> <replaceable>LEVEL</replaceable>" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_useradd.8.xml:10 sss_useradd.8.xml:15 msgid "sss_useradd" msgstr "sss_useradd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_useradd.8.xml:16 msgid "create a new user" msgstr "créer un utilisateur" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_useradd.8.xml:21 msgid "" "<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" "<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>UTILISATEUR</" "replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_useradd.8.xml:32 msgid "" "<command>sss_useradd</command> creates a new user account using the values " "specified on the command line plus the default values from the system." msgstr "" "<command>sss_useradd</command> crée un nouveau compte utilisateur en " "utilisant les valeurs spécifiées en ligne de commande auquelles sont " "ajoutées les valeurs par défaut du système." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:43 sss_seed.8.xml:76 msgid "" "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" msgstr "" "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:48 msgid "" "Set the UID of the user to the value of <replaceable>UID</replaceable>. If " "not given, it is chosen automatically." msgstr "" "Définit l'UID de l'utilisateur à la valeur <replaceable>UID</replaceable>. " "Si non précisé, il est choisit automatiquement." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100 msgid "" "<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" "replaceable>" msgstr "" "<option>-c</option>,<option>--gecos</option> <replaceable>COMMENTAIRE</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:60 sss_usermod.8.xml:48 sss_seed.8.xml:105 msgid "" "Any text string describing the user. Often used as the field for the user's " "full name." msgstr "" "Toute chaîne de caractère décrivant l'utilisateur. Souvent utilisé comme " "champ pour le nom entier de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112 msgid "" "<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" "replaceable>" msgstr "" "<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:72 msgid "" "The home directory of the user account. The default is to append the " "<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " "that as the home directory. The base that is prepended before " "<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" "baseDirectory</quote> setting in sssd.conf." msgstr "" "Le répertoire personnel du compte utilisateur. Par défaut, on ajoute " "<replaceable>LOGIN</replaceable> à <filename>/home</filename> et on utilise " "cela comme dossier personnel. La base précédent <replaceable>LOGIN</" "replaceable> est modifiable avec le paramètre <quote>user_defaults/" "baseDirectory</quote> de sssd.conf." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124 msgid "" "<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" msgstr "" "<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:87 msgid "" "The user's login shell. The default is currently <filename>/bin/bash</" "filename>. The default can be changed with <quote>user_defaults/" "defaultShell</quote> setting in sssd.conf." msgstr "" "L'interpréteur de commande de l'utilisateur. La valeur par défaut actuelle, " "<filename>/bin/bash</filename>, peut être modifiée avec le paramètre " "<quote>user_defaults/defaultShell</quote> dans sssd.conf." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:96 msgid "" "<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" "replaceable>" msgstr "" "<option>-G</option>,<option>--groups</option> <replaceable>GROUPES</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:101 msgid "A list of existing groups this user is also a member of." msgstr "Une liste de groupes existants dont l'utilisateur est aussi membre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:107 msgid "<option>-m</option>,<option>--create-home</option>" msgstr "<option>-m</option>,<option>--create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:111 msgid "" "Create the user's home directory if it does not exist. The files and " "directories contained in the skeleton directory (which can be defined with " "the -k option or in the config file) will be copied to the home directory." msgstr "" "Crée le répertoire personnel de l'utilisateur s'il n'existe pas. Les " "fichiers et répertoires inclus dans le répertoire squelette (pouvant être " "définis avec l'option -k ou dans le fichier de configuration) sont copiés " "dans le dossier personnel." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:121 msgid "<option>-M</option>,<option>--no-create-home</option>" msgstr "<option>-M</option>,<option>--no-create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:125 msgid "" "Do not create the user's home directory. Overrides configuration settings." msgstr "" "Ne pas créer de dossier personnel pour l'utilisateur. Écrase les paramètres " "de configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:132 msgid "" "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" "replaceable>" msgstr "" "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:137 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " "<command>sss_useradd</command>." msgstr "" "Le répertoire squelette, contenant les fichiers et répertoires à copier dans " "le répertoire personnel de l'utilisateur, quand le répertoire personnel est " "créé par <command>sss_useradd</command>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:143 msgid "" "Special files (block devices, character devices, named pipes and unix " "sockets) will not be copied." msgstr "" "Les fichiers spéciaux (périphériques blocs, caractères, tubes nommés et " "sockets unix) ne seront pas copiés." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:147 msgid "" "This option is only valid if the <option>-m</option> (or <option>--create-" "home</option>) option is specified, or creation of home directories is set " "to TRUE in the configuration." msgstr "" "L'option n'est valide que si l'option <option>-m</option> (ou <option>--" "create-home</option>) est utilisée ou si la création de répertoires " "personnels est à TRUE dans la configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:156 sss_usermod.8.xml:124 msgid "" "<option>-Z</option>,<option>--selinux-user</option> " "<replaceable>SELINUX_USER</replaceable>" msgstr "" "<option>-Z</option>,<option>--selinux-user</option> " "<replaceable>UTILISATEUR_SELINUX</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:161 msgid "" "The SELinux user for the user's login. If not specified, the system default " "will be used." msgstr "" "L'utilisateur SELinux pour la connexion utilisateur. Si non spécifié, la " "valeur par défaut du système est utilisée." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 msgid "sssd-krb5" msgstr "sssd-krb5" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-krb5.5.xml:17 msgid "SSSD Kerberos provider" msgstr "Fournisseur Kerberos SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:23 msgid "" "This manual page describes the configuration of the Kerberos 5 " "authentication backend for <citerefentry> <refentrytitle>sssd</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " "syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " "the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du moteur d'authentification de " "Kerberos 5 pour <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>. Pour une référence détaillée sur " "la syntaex, veuillez vous référer à la section <quote>FORMAT DE FICHIER</" "quote> du manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:36 msgid "" "The Kerberos 5 authentication backend contains auth and chpass providers. It " "must be paired with an identity provider in order to function properly (for " "example, id_provider = ldap). Some information required by the Kerberos 5 " "authentication backend must be provided by the identity provider, such as " "the user's Kerberos Principal Name (UPN). The configuration of the identity " "provider should have an entry to specify the UPN. Please refer to the man " "page for the applicable identity provider for details on how to configure " "this." msgstr "" "Le moteur d'authentification Kerberos 5 contient les fournisseurs " "d'authentification et de changement de mot de passe. Il doit être couplé " "avec un fournisseur d'identité de manière à fonctionner proprement (par " "exemple, id_provider = ldap). Plusieurs informations requises par le moteur " "d'authentification Kerberos 5 doivent être fournies par le fournisseur " "d'identité, telles que le nom du principal de l'utilisateur Kerberos (UPN). " "La configuration du fournisseur d'identité doit avoir une entrée pour " "spécifier l'UPN. Veuillez vous référer aux pages du manuel du fournisseur " "d'identité ad-hoc pour pouvoir le configurer." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " "home directory of the user. See <citerefentry> <refentrytitle>.k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " "configuration." msgstr "" "Ce moteur fournit aussi un contrôle d'accès sur le fichier .k5login dans le " "répertoire personnel de l'utilisateur. Voir <citerefentry> <refentrytitle>." "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails. Veuillez noter qu'un fichier .k5login vide interdira tout accès " "pour cet utilisateur. Pour activer cette option, utilisez « access_provider " "= krb5 » dans votre configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:55 msgid "" "In the case where the UPN is not available in the identity backend, " "<command>sssd</command> will construct a UPN using the format " "<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." msgstr "" "Dans le cas où l'UPN n'est pas valide dans le moteur d'identité, " "<command>sssd</command> construira un UPN en utilisant le format " "<replaceable>utilisateur</replaceable>@<replaceable>krb5_realm</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:77 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect, in the order of preference. " "For more information on failover and server redundancy, see the " "<quote>FAILOVER</quote> section. An optional port number (preceded by a " "colon) may be appended to the addresses or hostnames. If empty, service " "discovery is enabled; for more information, refer to the <quote>SERVICE " "DISCOVERY</quote> section." msgstr "" "Spécifie la liste séparée par des virgules des adresses IP ou des noms de " "systèmes des serveurs Kerberos auquel SSSD doit se connecter, par ordre de " "préférence. Pour plus d'informations sur la redondance par bascule et le " "serveur, consultez la section de <quote>BASCULE</quote>. Un numéro de port " "facultatif (précédé de deux-points) peut être ajouté aux adresses ou aux " "noms de systèmes. Si vide, le service de découverte est activé - pour plus " "d'informations, se reporter à la section <quote>DÉCOUVERTE DE SERVICE</" "quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:106 msgid "" "The name of the Kerberos realm. This option is required and must be " "specified." msgstr "" "Le nom du domaine Kerberos. Cette option est nécessaire et doit être " "renseignée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:113 msgid "krb5_kpasswd, krb5_backup_kpasswd (string)" msgstr "krb5_kpasswd, krb5_backup_kpasswd (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:116 msgid "" "If the change password service is not running on the KDC, alternative " "servers can be defined here. An optional port number (preceded by a colon) " "may be appended to the addresses or hostnames." msgstr "" "Si le service de changement de mot de passe ne fonctionne pas sur le KDC, " "des serveurs de secours peuvent être définis ici. Un numéro de port " "facultatif (précédé par un signe deux-points) peut-être être suffixé aux " "adresses ou aux noms de systèmes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:122 msgid "" "For more information on failover and server redundancy, see the " "<quote>FAILOVER</quote> section. NOTE: Even if there are no more kpasswd " "servers to try, the backend is not switched to operate offline if " "authentication against the KDC is still possible." msgstr "" "Pour plus d'information sur la bascule et la redondance de serveurs, voir la " "section <quote>BASCULE</quote>. Noter que même si il n'y a plus de serveurs " "kpasswd à essayer, le moteur ne passe pas en mode hors-ligne si " "l'authentification KDC est toujours possible." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:129 msgid "Default: Use the KDC" msgstr "Par défaut : utiliser le KDC" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:135 msgid "krb5_ccachedir (string)" msgstr "krb5_ccachedir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:138 msgid "" "Directory to store credential caches. All the substitution sequences of " "krb5_ccname_template can be used here, too, except %d and %P. The directory " "is created as private and owned by the user, with permissions set to 0700." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:145 msgid "Default: /tmp" msgstr "Par défaut : /tmp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:151 msgid "krb5_ccname_template (string)" msgstr "krb5_ccname_template (chaîne)" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:165 include/override_homedir.xml:11 msgid "%u" msgstr "%u" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:166 include/override_homedir.xml:12 msgid "login name" msgstr "identifiant de connexion" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:169 include/override_homedir.xml:15 msgid "%U" msgstr "%U" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:170 msgid "login UID" msgstr "UID de l'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:173 msgid "%p" msgstr "%p" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:174 msgid "principal name" msgstr "nom du principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:178 msgid "%r" msgstr "%r" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:179 msgid "realm name" msgstr "nom de domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:182 msgid "%h" msgstr "%h" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:183 sssd-ifp.5.xml:108 msgid "home directory" msgstr "répertoire personnel" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:187 include/override_homedir.xml:19 msgid "%d" msgstr "%d" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:188 msgid "value of krb5_ccachedir" msgstr "valeur de krb5_ccachedir" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:193 include/override_homedir.xml:31 msgid "%P" msgstr "%P" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:194 msgid "the process ID of the SSSD client" msgstr "l'ID de processus du client SSSD" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:199 include/override_homedir.xml:49 msgid "%%" msgstr "%%" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:200 include/override_homedir.xml:50 msgid "a literal '%'" msgstr "un « % » littéral" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:154 msgid "" "Location of the user's credential cache. Three credential cache types are " "currently supported: <quote>FILE</quote>, <quote>DIR</quote> and " "<quote>KEYRING:persistent</quote>. The cache can be specified either as " "<replaceable>TYPE:RESIDUAL</replaceable>, or as an absolute path, which " "implies the <quote>FILE</quote> type. In the template, the following " "sequences are substituted: <placeholder type=\"variablelist\" id=\"0\"/> If " "the template ends with 'XXXXXX' mkstemp(3) is used to create a unique " "filename in a safe way." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:208 msgid "" "When using KEYRING types, the only supported mechanism is <quote>KEYRING:" "persistent:%U</quote>, which uses the Linux kernel keyring to store " "credentials on a per-UID basis. This is also the recommended choice, as it " "is the most secure and predictable method." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:216 msgid "" "The default value for the credential cache name is sourced from the profile " "stored in the system wide krb5.conf configuration file in the [libdefaults] " "section. The option name is default_ccache_name. See krb5.conf(5)'s " "PARAMETER EXPANSION paragraph for additional information on the expansion " "format defined by krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:225 msgid "" "NOTE: Please be aware that libkrb5 ccache expansion template from " "<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> uses different expansion sequences than SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:234 msgid "Default: (from libkrb5)" msgstr "Par défaut : (valeur provenant de libkrb5)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:240 msgid "krb5_auth_timeout (integer)" msgstr "krb5_auth_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:243 msgid "" "Timeout in seconds after an online authentication request or change password " "request is aborted. If possible, the authentication request is continued " "offline." msgstr "" "Délai d'attente, en secondes, après l'annulation d'une requête " "d'authentification en ligne ou de changement de mot de passe. La requête " "d'authentification sera effectuée hors-ligne si cela est possible." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:254 msgid "krb5_validate (boolean)" msgstr "krb5_validate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:257 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed. The keytab is checked for entries sequentially, and the first entry " "with a matching realm is used for validation. If no entry matches the realm, " "the last entry in the keytab is used. This process can be used to validate " "environments using cross-realm trust by placing the appropriate keytab entry " "as the last entry or the only entry in the keytab file." msgstr "" "Vérifie à l'aide de krb5_keytab que le TGT obtenu n'a pas été usurpé. Les " "entrées d'un fichier keytab sont vérifiées dans l'ordre, et la première " "entrée avec un domaine correspondant est utilisée pour la validation. Si " "aucune entrée ne correspond au domaine, la dernière entrée dans le fichier " "keytab est utilisée. Ce processus peut être utilisé pour valider des " "environnements utilisant l'approbation entre domaines en plaçant l'entrée " "keytab appropriée comme dernière ou comme seule entrée dans le fichier " "keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:272 msgid "krb5_keytab (string)" msgstr "krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:275 msgid "" "The location of the keytab to use when validating credentials obtained from " "KDCs." msgstr "" "L'emplacement du fichier keytab à utiliser pour valider les données " "d'identification obtenues à partir de KDC." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:279 msgid "Default: /etc/krb5.keytab" msgstr "Par défaut : /etc/krb5.keytab" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:285 msgid "krb5_store_password_if_offline (boolean)" msgstr "krb5_store_password_if_offline (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:288 msgid "" "Store the password of the user if the provider is offline and use it to " "request a TGT when the provider comes online again." msgstr "" "Stocke le mot de passe de l'utilisateur si le fournisseur est hors-ligne, " "puis l'utilise pour obtenir un TGT lorsque le fournisseur redevient " "disponible en ligne." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:293 msgid "" "NOTE: this feature is only available on Linux. Passwords stored in this way " "are kept in plaintext in the kernel keyring and are potentially accessible " "by the root user (with difficulty)." msgstr "" "NOTE : cette fonctionnalité n'est actuellement disponible que sur les plates-" "formes Linux. Les mots de passe stockés de cette manière sont conservés en " "texte brut dans le trousseau de clés du noyau et sont potentiellement " "accessibles à l'utilisateur root (avec difficulté)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:306 msgid "krb5_renewable_lifetime (string)" msgstr "krb5_renewable_lifetime (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:309 msgid "" "Request a renewable ticket with a total lifetime, given as an integer " "immediately followed by a time unit:" msgstr "" "Demande un ticket renouvelable avec une durée de vie totale, donnée par un " "entier immédiatement suivi par une unité de temps :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385 msgid "<emphasis>s</emphasis> for seconds" msgstr "<emphasis>s</emphasis> pour secondes" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388 msgid "<emphasis>m</emphasis> for minutes" msgstr "<emphasis>m</emphasis> pour minutes" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391 msgid "<emphasis>h</emphasis> for hours" msgstr "<emphasis>h</emphasis> pour heures" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394 msgid "<emphasis>d</emphasis> for days." msgstr "<emphasis>d</emphasis> pour jours." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397 msgid "If there is no unit given, <emphasis>s</emphasis> is assumed." msgstr "Si aucune unité n'est spécifiée, <emphasis>s</emphasis> est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401 msgid "" "NOTE: It is not possible to mix units. To set the renewable lifetime to one " "and a half hours, use '90m' instead of '1h30m'." msgstr "" "NOTE : il n'est pas possible de mélanger les unités. Pour indiquer une durée " "de vie renouvelable de une heure et trente minutes, utiliser « 90m » au lieu " "de « 1h30m »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:335 msgid "Default: not set, i.e. the TGT is not renewable" msgstr "" "Par défaut : non défini, c'est-à-dire que le TGT n'est pas renouvelable" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:341 msgid "krb5_lifetime (string)" msgstr "krb5_lifetime (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:344 msgid "" "Request ticket with a lifetime, given as an integer immediately followed by " "a time unit:" msgstr "" "Demande un ticket avec une durée de vie, donnée par un entier immédiatement " "suivi par une unité de temps :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:360 msgid "If there is no unit given <emphasis>s</emphasis> is assumed." msgstr "Si aucune unité n'est spécifiée, <emphasis>s</emphasis> est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:364 msgid "" "NOTE: It is not possible to mix units. To set the lifetime to one and a " "half hours please use '90m' instead of '1h30m'." msgstr "" "NOTE : il n'est pas possible de mélanger les unités. Pour indiquer une durée " "de vie de une heure et trente minutes, utiliser « 90m » au lieu de « 1h30m »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:369 msgid "" "Default: not set, i.e. the default ticket lifetime configured on the KDC." msgstr "" "Par défaut : non défini, c'est-à-dire la durée de vie par défaut configurée " "dans le KDC." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:376 msgid "krb5_renew_interval (string)" msgstr "krb5_renew_interval (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:379 msgid "" "The time in seconds between two checks if the TGT should be renewed. TGTs " "are renewed if about half of their lifetime is exceeded, given as an integer " "immediately followed by a time unit:" msgstr "" "La durée, en secondes, entre deux vérifications pour savoir si le TGT doit " "être renouvelé. Les TGT sont renouvelés si environ la moitié de leur durée " "de vie est dépassée. Indiquée par un entier immédiatement suivi d'une unité " "de temps :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:406 msgid "If this option is not set or is 0 the automatic renewal is disabled." msgstr "" "Si cette option n'est pas définie ou définie à 0, le renouvellement " "automatique est désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:416 msgid "krb5_use_fast (string)" msgstr "krb5_use_fast (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:419 msgid "" "Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" "authentication. The following options are supported:" msgstr "" "Active le flexible authentication secure tunneling (FAST) pour la pré-" "authentification Kerberos. Les options suivantes sont supportées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:424 msgid "" "<emphasis>never</emphasis> use FAST. This is equivalent to not setting this " "option at all." msgstr "" "<emphasis>never</emphasis> : ne jamais utiliser FAST. Ceci équivaut à ne pas " "définir cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:428 msgid "" "<emphasis>try</emphasis> to use FAST. If the server does not support FAST, " "continue the authentication without it." msgstr "" "<emphasis>try</emphasis> : eassyer d'utiliser FAST. Si le serveur ne prend " "pas en charge FAST, continuer l'authentification sans." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:433 msgid "" "<emphasis>demand</emphasis> to use FAST. The authentication fails if the " "server does not require fast." msgstr "" "<emphasis>demander</emphasis> : imposer d'utiliser FAST. L'authentification " "échoue si le serveur ne requiert pas FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:438 msgid "Default: not set, i.e. FAST is not used." msgstr "Par défaut : non défini, i.e. FAST n'est pas utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:441 msgid "NOTE: a keytab is required to use FAST." msgstr "NOTE : un fichier keytab est requis pour utiliser FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:444 msgid "" "NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If " "SSSD is used with an older version of MIT Kerberos, using this option is a " "configuration error." msgstr "" "NOTE : SSSD prend en charge le paramètre FAST uniquement avec MIT Kerberos " "version 1.8 et au-delà. L'utilisation de SSSD avec une version antérieure de " "MIT Kerberos avec cette option est une erreur de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:453 msgid "krb5_fast_principal (string)" msgstr "krb5_fast_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:456 msgid "Specifies the server principal to use for FAST." msgstr "Spécifie le principal de serveur afin d'utiliser FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:465 msgid "" "Specifies if the host and user principal should be canonicalized. This " "feature is available with MIT Kerberos 1.7 and later versions." msgstr "" "Spécifie si les principaux du système et de l'utilisateur doivent être " "rendus canoniques. Cette fonctionnalité est disponible avec MIT Kerberos 1.7 " "et versions suivantes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" "Indique si le principal de l'utilisateur doit être traité comme un principal " "d'entreprise. Cf. la section 5 de la RFC 6806 pour plus de détails sur les " "principals d'entreprise." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:514 msgid "Default: false (AD provider: true)" msgstr "Par défaut : false (AD provider : true)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:517 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " "explicitly in the config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:526 msgid "krb5_map_user (string)" msgstr "krb5_map_user (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:529 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " "name and <quote>primary</quote> is a user part of a kerberos principal. This " "mapping is used when user is authenticating using <quote>auth_provider = " "krb5</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-krb5.5.xml:541 #, no-wrap msgid "" "krb5_realm = REALM\n" "krb5_map_user = joe:juser,dick:richard\n" msgstr "" "krb5_realm = REALM\n" "krb5_map_user = joe:juser,dick:richard\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:546 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " "principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will " "try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</" "quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" "If the auth-module krb5 is used in an SSSD domain, the following options " "must be used. See the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, section " "<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD " "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Si le module auth krb5 est utilisé dans un domaine SSSD, les options " "suivantes doivent être utilisées. Cf. la page de manuel " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>, section <quote>SECTIONS DOMAINE</quote> pour plus " "de détails sur la configuration d'un domaine SSSD. <placeholder type=" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:572 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " "example shows only configuration of Kerberos authentication; it does not " "include any identity provider." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et que FOO est " "l'un des domaines de la section <replaceable>[sssd]</replaceable>. Cet " "exemple montre uniquement la configuration de l'authentification Kerberos, " "et n'inclut aucun fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-krb5.5.xml:580 #, no-wrap msgid "" "[domain/FOO]\n" "auth_provider = krb5\n" "krb5_server = 192.168.1.1\n" "krb5_realm = EXAMPLE.COM\n" msgstr "" "[domain/FOO]\n" "auth_provider = krb5\n" "krb5_server = 192.168.1.1\n" "krb5_realm = EXAMPLE.COM\n" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 msgid "sss_groupadd" msgstr "sss_groupadd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupadd.8.xml:16 msgid "create a new group" msgstr "Créer un nouveau groupe" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupadd.8.xml:21 msgid "" "<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" "<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:32 msgid "" "<command>sss_groupadd</command> creates a new group. These groups are " "compatible with POSIX groups, with the additional feature that they can " "contain other groups as members." msgstr "" "<command>sss_groupadd</command> crée un nouveau groupe. Ces groupes sont " "compatibles avec les groupes POSIX, avec la caractéristique supplémentaire " "qu'ils peuvent contenir d'autres groupes comme membres." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupadd.8.xml:43 sss_seed.8.xml:88 msgid "" "<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" msgstr "" "<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupadd.8.xml:48 msgid "" "Set the GID of the group to the value of <replaceable>GID</replaceable>. If " "not given, it is chosen automatically." msgstr "" "Positionne le GID du groupe à la valeur <replaceable>GID</replaceable>. Si " "non spécifié, il est choisi automatiquement." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_userdel.8.xml:10 sss_userdel.8.xml:15 msgid "sss_userdel" msgstr "sss_userdel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_userdel.8.xml:16 msgid "delete a user account" msgstr "Supprimer un compte utilisateur" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_userdel.8.xml:21 msgid "" "<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" "<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_userdel.8.xml:32 msgid "" "<command>sss_userdel</command> deletes a user identified by login name " "<replaceable>LOGIN</replaceable> from the system." msgstr "" "<command>sss_userdel</command> supprime du système un utilisateur identifié " "par son identifiant de connexion <replaceable>LOGIN</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:44 msgid "<option>-r</option>,<option>--remove</option>" msgstr "<option>-r</option>,<option>--remove</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:48 msgid "" "Files in the user's home directory will be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" "Les fichiers dans le répertoire ainsi que le répertoire lui-même de " "l'utilisateur et sa messagerie seront supprimés. Outrepasse la configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:56 msgid "<option>-R</option>,<option>--no-remove</option>" msgstr "<option>-R</option>,<option>--no-remove</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:60 msgid "" "Files in the user's home directory will NOT be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" "Les fichiers dans le répertoire ainsi que le répertoire lui-même de " "l'utilisateur et sa messagerie ne seront PAS supprimés. Outrepasse la " "configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:68 msgid "<option>-f</option>,<option>--force</option>" msgstr "<option>-f</option>,<option>--force</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:72 msgid "" "This option forces <command>sss_userdel</command> to remove the user's home " "directory and mail spool, even if they are not owned by the specified user." msgstr "" "Cette option oblige <command>sss_userdel</command> à supprimer le répertoire " "home de l'utilisateur et sa messagerie, même si ils ne sont pas détenus par " "l'utilisateur spécifié." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:80 msgid "<option>-k</option>,<option>--kick</option>" msgstr "<option>-k</option>,<option>--kick</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:84 msgid "Before actually deleting the user, terminate all his processes." msgstr "" "Avant de réellement supprimer l'utilisateur, mettre fin à tous ses processus." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 msgid "sss_groupdel" msgstr "sss_groupdel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupdel.8.xml:16 msgid "delete a group" msgstr "supprimer un groupe" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupdel.8.xml:21 msgid "" "<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" "<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupdel.8.xml:32 msgid "" "<command>sss_groupdel</command> deletes a group identified by its name " "<replaceable>GROUP</replaceable> from the system." msgstr "" "<command>sss_groupdel</command> supprime du système un groupe identifié par " "son nom de groupe <replaceable>GROUPE</replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 msgid "sss_groupshow" msgstr "sss_groupshow" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupshow.8.xml:16 msgid "print properties of a group" msgstr "affiche les propriétés d'un groupe" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupshow.8.xml:21 msgid "" "<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" "<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupshow.8.xml:32 msgid "" "<command>sss_groupshow</command> displays information about a group " "identified by its name <replaceable>GROUP</replaceable>. The information " "includes the group ID number, members of the group and the parent group." msgstr "" "<command>sss_groupshow</command> affiche des informations sur un groupe " "identifié par son nom <replaceable>GROUPE</replaceable>. Les informations " "incluent l'ID de groupe, les membres du groupe ainsi que le groupe parent." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupshow.8.xml:43 msgid "<option>-R</option>,<option>--recursive</option>" msgstr "<option>-R</option>,<option>--recursive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupshow.8.xml:47 msgid "" "Also print indirect group members in a tree-like hierarchy. Note that this " "also affects printing parent groups - without <option>R</option>, only the " "direct parent will be printed." msgstr "" "Affiche aussi les membres indirects de groupe dans une hiérarchie " "arborescente. Noter que cela affecte également les affichages de groupes " "parents - sans l'option <option>R</option>, seul le parent direct sera " "affiché." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_usermod.8.xml:10 sss_usermod.8.xml:15 msgid "sss_usermod" msgstr "sss_usermod" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_usermod.8.xml:16 msgid "modify a user account" msgstr "modifier un compte utilisateur" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_usermod.8.xml:21 msgid "" "<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" "<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_usermod.8.xml:32 msgid "" "<command>sss_usermod</command> modifies the account specified by " "<replaceable>LOGIN</replaceable> to reflect the changes that are specified " "on the command line." msgstr "" "<command>sss_usermod</command> modifie le compte défini par " "<replaceable>LOGIN</replaceable> pour refléter les modifications fournies en " "ligne de commande." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:60 msgid "The home directory of the user account." msgstr "Le répertoire personnel du compte utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:71 msgid "The user's login shell." msgstr "L'interpréteur de commandes de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:82 msgid "" "Append this user to groups specified by the <replaceable>GROUPS</" "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " "a comma separated list of group names." msgstr "" "Ajouter cet utilisateur aux groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>. Le paramètre <replaceable>GROUPS</" "replaceable> est une liste séparée par des virgules de noms de groupes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:96 msgid "" "Remove this user from groups specified by the <replaceable>GROUPS</" "replaceable> parameter." msgstr "" "Retirer cet utilisateur de groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:103 msgid "<option>-l</option>,<option>--lock</option>" msgstr "<option>-l</option>,<option>--lock</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:107 msgid "Lock the user account. The user won't be able to log in." msgstr "Verrouiller le compte utilisateur. Il ne pourra plus se connecter." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:114 msgid "<option>-u</option>,<option>--unlock</option>" msgstr "<option>-u</option>,<option>--unlock</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:118 msgid "Unlock the user account." msgstr "Déverrouiller le compte utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:129 msgid "The SELinux user for the user's login." msgstr "" "L'utilisateur SELinux pour l'identifiant de connexion de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:135 msgid "<option>--addattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" msgstr "<option>--addattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:140 msgid "Add an attribute/value pair. The format is attrname=value." msgstr "Ajouter une paire attribut/valeur. Le format est nom_attribut=valeur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:147 msgid "<option>--setattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" msgstr "<option>--setattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:152 msgid "" "Set an attribute to a name/value pair. The format is attrname=value. For " "multi-valued attributes, the command replaces the values already present" msgstr "" "Définir une paire attribut/valeur. Le format est nom_attribut=valeur. Pour " "les attributs multi-valués, la commande remplace les valeurs déjà présentes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:160 msgid "<option>--delattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" msgstr "<option>--delattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:165 msgid "Delete an attribute/value pair. The format is attrname=value." msgstr "" "Supprimer une paire attribut/valeur. Le format est nom_attribut=valeur." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_cache.8.xml:10 sss_cache.8.xml:15 msgid "sss_cache" msgstr "sss_cache" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_cache.8.xml:16 msgid "perform cache cleanup" msgstr "effectue le nettoyage du cache" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_cache.8.xml:21 msgid "" "<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" msgstr "" "<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_cache.8.xml:31 msgid "" "<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " "records are forced to be reloaded from server as soon as related SSSD " "backend is online. Options that invalidate a single object only accept a " "single provided argument." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:43 msgid "<option>-E</option>,<option>--everything</option>" msgstr "<option>-E</option>,<option>--everything</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:47 msgid "Invalidate all cached entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:53 msgid "" "<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" msgstr "" "<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:58 msgid "Invalidate specific user." msgstr "Invalider un utilisateur spécifique." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:64 msgid "<option>-U</option>,<option>--users</option>" msgstr "<option>-U</option>,<option>--users</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:68 msgid "" "Invalidate all user records. This option overrides invalidation of specific " "user if it was also set." msgstr "" "L'annulation de tous les enregistrements d'utilisateur. Cette option prend " "le pas sur l'invalidation d'un utilisateur spécifique, si elle a été " "également configuré." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:75 msgid "" "<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" msgstr "" "<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:80 msgid "Invalidate specific group." msgstr "L'annulation de groupe spécifique." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:86 msgid "<option>-G</option>,<option>--groups</option>" msgstr "<option>-G</option>,<option>--groups</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:90 msgid "" "Invalidate all group records. This option overrides invalidation of specific " "group if it was also set." msgstr "" "L'annulation de tous les enregistrements de groupe. Cette option prend le " "pas sur l'invalidation d'un groupe spécifique si elle a été également " "définie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:97 msgid "" "<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" "replaceable>" msgstr "" "<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:102 msgid "Invalidate specific netgroup." msgstr "Invalide un netgroup spécifique." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:108 msgid "<option>-N</option>,<option>--netgroups</option>" msgstr "<option>-N</option>,<option>--netgroups</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:112 msgid "" "Invalidate all netgroup records. This option overrides invalidation of " "specific netgroup if it was also set." msgstr "" "Invalider tous les enregistrements de netgroup. Cette option prend le pas " "sur l'invalidation de netgroup spécifiques s'il a été également définie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:119 msgid "" "<option>-s</option>,<option>--service</option> <replaceable>service</" "replaceable>" msgstr "" "<option>-s</option>,<option>--service</option> <replaceable>service</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:124 msgid "Invalidate specific service." msgstr "Invalider le service spécifique." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:130 msgid "<option>-S</option>,<option>--services</option>" msgstr "<option>-S</option>,<option>--services</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:134 msgid "" "Invalidate all service records. This option overrides invalidation of " "specific service if it was also set." msgstr "" "Invalider tous les enregistrements de service. Cette option se substitue à " "l'invalidation de service spécifique s'elle a également été définie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:141 msgid "" "<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</" "replaceable>" msgstr "" "<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:146 msgid "Invalidate specific autofs maps." msgstr "Invalider des cartes autofs spécifiques." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:152 msgid "<option>-A</option>,<option>--autofs-maps</option>" msgstr "<option>-A</option>,<option>--autofs-maps</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:156 msgid "" "Invalidate all autofs maps. This option overrides invalidation of specific " "map if it was also set." msgstr "" "Invalider toutes les cartes autofs. Cette option remplace l'invalidation de " "carte spécifique s'elle a également été définie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:163 msgid "" "<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:168 msgid "Invalidate SSH public keys of a specific host." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:174 msgid "<option>-H</option>,<option>--ssh-hosts</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:178 msgid "" "Invalidate SSH public keys of all hosts. This option overrides invalidation " "of SSH public keys of specific host if it was also set." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:186 msgid "" "<option>-r</option>,<option>--sudo-rule</option> <replaceable>rule</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:191 msgid "Invalidate particular sudo rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:197 msgid "<option>-R</option>,<option>--sudo-rules</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:201 msgid "" "Invalidate all cached sudo rules. This option overrides invalidation of " "specific sudo rule if it was also set." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:209 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" msgstr "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:214 msgid "Restrict invalidation process only to a particular domain." msgstr "Restreindre le processus d'invalidation à un domaine particulier." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 msgid "sss_debuglevel" msgstr "sss_debuglevel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_debuglevel.8.xml:16 #, fuzzy #| msgid "change debug level while SSSD is running" msgid "[DEPRECATED] change debug level while SSSD is running" msgstr "modifie le niveau de débogage pendant l'exécution de SSSD" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_debuglevel.8.xml:21 msgid "" "<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" "replaceable></arg>" msgstr "" "<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" "replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_debuglevel.8.xml:32 msgid "" "<command>sss_debuglevel</command> is deprecated and replaced by the sssctl " "debug-level command. Please refer to the <command>sssctl</command> man page " "for more information on sssctl usage." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_seed.8.xml:10 sss_seed.8.xml:15 msgid "sss_seed" msgstr "sss_seed" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_seed.8.xml:16 msgid "seed the SSSD cache with a user" msgstr "initialise le cache SSSD avec un utilisateur" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_seed.8.xml:21 msgid "" "<command>sss_seed</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</" "replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></" "arg>" msgstr "" "<command>sss_seed</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</" "replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_seed.8.xml:33 msgid "" "<command>sss_seed</command> seeds the SSSD cache with a user entry and " "temporary password. If a user entry is already present in the SSSD cache " "then the entry is updated with the temporary password." msgstr "" "<command>sss_seed</command> initialise le cache SSSD avec une entrée " "d'utilisateur et le mot de passe temporaire. Si une entrée d'utilisateur est " "déjà présente dans le cache de SSSD, l'entrée est mise à jour avec le mot de " "passe temporaire." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_seed.8.xml:46 msgid "" "<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" msgstr "" "<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:51 msgid "" "Provide the name of the domain in which the user is a member of. The domain " "is also used to retrieve user information. The domain must be configured in " "sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. " "Information retrieved from the domain overrides what is provided in the " "options." msgstr "" "Indique le nom de domaine duquel l'utilisateur est membre. Le domaine est " "également utilisé pour récupérer les informations sur l'utilisateur. Le " "domaine doit être configuré dans sssd.conf. L'option <replaceable>DOMAIN</" "replaceable> doit être fournie. Les informations récupérées depuis le " "domaine prennent le pas sur ce qui est fourni dans les options." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_seed.8.xml:63 msgid "" "<option>-n</option>,<option>--username</option> <replaceable>USER</" "replaceable>" msgstr "" "<option>-n</option>,<option>--username</option> <replaceable>USER</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:68 msgid "" "The username of the entry to be created or modified in the cache. The " "<replaceable>USER</replaceable> option must be provided." msgstr "" "Le nom d'utilisateur de l'entrée devant être créée ou modifiée dans le " "cache. L'option <replaceable>USER</replaceable> doit être fournie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:81 msgid "Set the UID of the user to <replaceable>UID</replaceable>." msgstr "Définit l'UID de l'utilisateur à <replaceable>UID</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:93 msgid "Set the GID of the user to <replaceable>GID</replaceable>." msgstr "Définit le GID de l'utilisateur à <replaceable>GID</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:117 msgid "" "Set the home directory of the user to <replaceable>HOME_DIR</replaceable>." msgstr "" "Définit le répertoire de l'utilisateur à <replaceable>HOME_DIR</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:129 msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>." msgstr "" "Définit l'interpréteur de commande de l'utilisateur à <replaceable>SHELL</" "replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:140 msgid "" "Interactive mode for entering user information. This option will only prompt " "for information not provided in the options or retrieved from the domain." msgstr "" "Mode interactif pour la saisie des informations de l'utilisateur. Cette " "option invite uniquement à la saisir des renseignements non fournis dans les " "options ou non récupérés à partir du domaine." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_seed.8.xml:148 msgid "" "<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</" "replaceable>" msgstr "" "<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:153 msgid "" "Specify file to read user's password from. (if not specified password is " "prompted for)" msgstr "" "Spécifie le fichier dans lequel lire le mot de passe de l'utilisateur. (si " "aucun mot de passe n'est spécifié, il sera demandé)" #. type: Content of: <reference><refentry><refsect1><para> #: sss_seed.8.xml:165 msgid "" "The length of the password (or the size of file specified with -p or --" "password-file option) must be less than or equal to PASS_MAX bytes (64 bytes " "on systems with no globally-defined PASS_MAX value)." msgstr "" "La taille du mot de passe (ou la taille du fichier spécifié avec l'option -p " "ou --password-file) doit être inférieure ou égale à PASS_MAX octets (64 " "octets sur les systèmes sans valeur globale définie de PASS_MAX)." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ifp.5.xml:10 sssd-ifp.5.xml:16 msgid "sssd-ifp" msgstr "sssd-ifp" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ifp.5.xml:17 msgid "SSSD InfoPipe responder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ifp.5.xml:23 msgid "" "This manual page describes the configuration of the InfoPipe responder for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ifp.5.xml:36 msgid "" "The InfoPipe responder provides a public D-Bus interface accessible over the " "system bus. The interface allows the user to query information about remote " "users and groups over the system bus." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ifp.5.xml:46 msgid "These options can be used to configure the InfoPipe responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:53 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the InfoPipe responder. User names are resolved to UIDs at " "startup." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:59 msgid "" "Default: 0 (only the root user is allowed to access the InfoPipe responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:63 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " "access the InfoPipe responder, which would be the typical case, you have to " "add 0 to the list of allowed UIDs as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:77 msgid "Specifies the comma-separated list of white or blacklisted attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:91 msgid "name" msgstr "name" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:92 msgid "user's login name" msgstr "identifiant de connexion de l'utilisateur" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:95 msgid "uidNumber" msgstr "uidNumber" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:96 msgid "user ID" msgstr "identifiant de l'utilisateur" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:99 msgid "gidNumber" msgstr "gidNumber" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:100 msgid "primary group ID" msgstr "identifiant de groupe primaire" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:103 msgid "gecos" msgstr "gecos" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:104 msgid "user information, typically full name" msgstr "informations utilisateur, généralement le nom complet" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:107 msgid "homeDirectory" msgstr "homeDirectory" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:111 msgid "loginShell" msgstr "loginShell" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:112 msgid "user shell" msgstr "interpréteur de commande" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:81 msgid "" "By default, the InfoPipe responder only allows the default set of POSIX " "attributes to be requested. This set is the same as returned by " "<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry> and includes: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ifp.5.xml:125 #, no-wrap msgid "" "user_attributes = +telephoneNumber, -loginShell\n" " " msgstr "" "user_attributes = +telephoneNumber, -loginShell\n" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:117 msgid "" "It is possible to add another attribute to this set by using <quote>" "+attr_name</quote> or explicitly remove an attribute using <quote>-" "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> but " "deny <quote>loginShell</quote>, you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:129 msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" "Par défaut : non défini. Seul le jeu d'attributs POSIX par défaut est " "autorisé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:139 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup that overrides caller-supplied limit." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:144 msgid "Default: 0 (let the caller set an upper limit)" msgstr "" #. type: Content of: <reference><refentry><refentryinfo> #: sss_rpcidmapd.5.xml:8 msgid "" "<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" "firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " "Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" "author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " "<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" "author>" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 msgid "sss_rpcidmapd" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_rpcidmapd.5.xml:33 msgid "sss plugin configuration directives for rpc.idmapd" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_rpcidmapd.5.xml:37 msgid "CONFIGURATION FILE" msgstr "FICHIER DE CONFIGURATION" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:39 msgid "" "rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." "conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_rpcidmapd.5.xml:49 msgid "SSS CONFIGURATION EXTENSION" msgstr "EXTENSION DE CONFIGURATION SSS" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss_rpcidmapd.5.xml:51 msgid "Enable SSS plugin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_rpcidmapd.5.xml:53 msgid "" "In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " "attribute to contain <emphasis>sss</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss_rpcidmapd.5.xml:59 msgid "[sss] config section" msgstr "Section de configuration [sss]" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_rpcidmapd.5.xml:61 msgid "" "In order to change the default of one of the configuration attributes of the " "<emphasis>sss</emphasis> plugin listed below you will need to create a " "config section for it, named <quote>[sss]</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> #: sss_rpcidmapd.5.xml:67 msgid "Configuration attributes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sss_rpcidmapd.5.xml:69 msgid "memcache (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sss_rpcidmapd.5.xml:72 msgid "Indicates whether or not to use memcache optimisation technique." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_rpcidmapd.5.xml:85 msgid "SSSD INTEGRATION" msgstr "INTÉGRATION SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:87 msgid "" "The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " "in sssd." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:91 msgid "" "The attribute <quote>use_fully_qualified_names</quote> must be enabled on " "all domains (NFSv4 clients expect a fully qualified name to be sent on the " "wire)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sss_rpcidmapd.5.xml:103 #, no-wrap msgid "" "[General]\n" "Verbosity = 2\n" "# domain must be synced between NFSv4 server and clients\n" "# Solaris/Illumos/AIX use \"localdomain\" as default!\n" "Domain = default\n" "\n" "[Mapping]\n" "Nobody-User = nfsnobody\n" "Nobody-Group = nfsnobody\n" "\n" "[Translation]\n" "Method = sss\n" msgstr "" "[General]\n" "Verbosity = 2\n" "# domain must be synced between NFSv4 server and clients\n" "# Solaris/Illumos/AIX use \"localdomain\" as default!\n" "Domain = default\n" "\n" "[Mapping]\n" "Nobody-User = nfsnobody\n" "Nobody-Group = nfsnobody\n" "\n" "[Translation]\n" "Method = sss\n" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:100 msgid "" "The following example shows a minimal idmapd.conf which makes use of the sss " "plugin. <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <refsect1><title> #: sss_rpcidmapd.5.xml:120 sssd-kcm.8.xml:180 include/seealso.xml:2 msgid "SEE ALSO" msgstr "VOIR AUSSI" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:122 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>" msgstr "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" msgstr "sss_ssh_authorizedkeys" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 msgid "1" msgstr "1" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_ssh_authorizedkeys.1.xml:16 msgid "get OpenSSH authorized keys" msgstr "obtient les clés OpenSSH autorisées" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_ssh_authorizedkeys.1.xml:21 msgid "" "<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " "<replaceable>options</replaceable> </arg> <arg " "choice='plain'><replaceable>USER</replaceable></arg>" msgstr "" "<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " "<replaceable>options</replaceable> </arg> <arg " "choice='plain'><replaceable>USER</replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_authorizedkeys.1.xml:32 msgid "" "<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " "<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " "format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " "<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> for more information)." msgstr "" "<command>sss_ssh_authorizedkeys</command> acquiert les clés publiques SSH " "pour <replaceable>USER</replaceable> et les renvoie dans le format " "authorized_keys de OpenSSH (cf. la section <quote>FORMAT DE FICHIER " "AUTHORIZED_KEYS</quote> de <citerefentry><refentrytitle>sshd</refentrytitle> " "<manvolnum>8</manvolnum></citerefentry> pour plus d'informations)." #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_authorizedkeys.1.xml:41 msgid "" "<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" "command> for public key user authentication if it is compiled with support " "for <quote>AuthorizedKeysCommand</quote> option. Please refer to the " "<citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> man page for more details about this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sss_ssh_authorizedkeys.1.xml:59 #, no-wrap msgid "" " AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" " AuthorizedKeysCommandUser nobody\n" msgstr "" " AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" " AuthorizedKeysCommandUser nobody\n" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_authorizedkeys.1.xml:52 msgid "" "If <quote>AuthorizedKeysCommand</quote> is supported, " "<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> can be configured to use it by putting the following " "directives in <citerefentry> <refentrytitle>sshd_config</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry>: <placeholder type=\"programlisting" "\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_authorizedkeys.1.xml:75 msgid "" "Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." msgstr "" "Rechercher des clés publiques dans le domaine SSSD <replaceable>DOMAIN</" "replaceable>." #. type: Content of: <reference><refentry><refsect1><title> #: sss_ssh_authorizedkeys.1.xml:84 sss_ssh_knownhostsproxy.1.xml:92 msgid "EXIT STATUS" msgstr "CODE RETOUR" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_authorizedkeys.1.xml:86 sss_ssh_knownhostsproxy.1.xml:94 msgid "" "In case of success, an exit value of 0 is returned. Otherwise, 1 is returned." msgstr "" "Dans le cas d'un opération achevée avec succès, une valeur de retour de 0 " "est renvoyée. Dans le cas contraire, 1 est renvoyé." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 msgid "sss_ssh_knownhostsproxy" msgstr "sss_ssh_knownhostsproxy" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_ssh_knownhostsproxy.1.xml:16 msgid "get OpenSSH host keys" msgstr "obtenir les clés d'hôtes OpenSSH" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_ssh_knownhostsproxy.1.xml:21 msgid "" "<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " "<replaceable>options</replaceable> </arg> <arg " "choice='plain'><replaceable>HOST</replaceable></arg> <arg " "choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" msgstr "" "<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " "<replaceable>options</replaceable> </arg> <arg " "choice='plain'><replaceable>HOST</replaceable></arg> <arg " "choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_knownhostsproxy.1.xml:33 msgid "" "<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " "host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " "known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " "of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" "manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" "pubconf/known_hosts</filename> and establishes the connection to the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_knownhostsproxy.1.xml:43 msgid "" "If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " "create the connection to the host instead of opening a socket." msgstr "" "Si <replaceable>PROXY_COMMAND</replaceable> est indiqué, elle est alors " "utilisée pour établier la connexion vers le système au lieu d'ouvrir une " "socket." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sss_ssh_knownhostsproxy.1.xml:55 #, no-wrap msgid "" "ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" "GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n" msgstr "" "ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" "GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_knownhostsproxy.1.xml:48 msgid "" "<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" "citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" "command> for host key authentication by using the following directives for " "<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" "citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" "<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" "citerefentry> peut être configuré pour utiliser " "<command>sss_ssh_knownhostsproxy</command> pour l'authentication par clés en " "utilisant les directives suivantes pour la configuration de " "<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" "citerefentry> : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:66 msgid "" "<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" msgstr "" "<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:71 msgid "" "Use port <replaceable>PORT</replaceable> to connect to the host. By " "default, port 22 is used." msgstr "" "Utiliser le port <replaceable>PORT</replaceable> pour se connecter au " "système. Par défaut, le port 22 est utilisé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:83 msgid "" "Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." msgstr "" "Rechercher les clés publiques dans le domaine SSSD <replaceable>DOMAINE</" "replaceable> hôte." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 msgid "idmap_sss" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: idmap_sss.8.xml:16 msgid "SSSD's idmap_sss Backend for Winbind" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: idmap_sss.8.xml:22 msgid "" "The idmap_sss module provides a way to call SSSD to map UIDs/GIDs and SIDs. " "No database is required in this case as the mapping is done by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: idmap_sss.8.xml:29 msgid "IDMAP OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: idmap_sss.8.xml:33 msgid "range = low - high" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: idmap_sss.8.xml:35 msgid "" "Defines the available matching UID and GID range for which the backend is " "authoritative." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: idmap_sss.8.xml:45 msgid "" "This example shows how to configure idmap_sss as the default mapping module." msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> #: idmap_sss.8.xml:50 #, no-wrap msgid "" "[global]\n" "security = domain\n" "workgroup = MAIN\n" "\n" "idmap config * : backend = sss\n" "idmap config * : range = 200000-2147483647\n" " " msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssctl.8.xml:10 sssctl.8.xml:15 msgid "sssctl" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssctl.8.xml:16 msgid "SSSD control and status utility" msgstr "" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sssctl.8.xml:21 msgid "" "<command>sssctl</command> <arg choice='plain'><replaceable>COMMAND</" "replaceable></arg> <arg choice='opt'> <replaceable>options</replaceable> </" "arg>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssctl.8.xml:32 msgid "" "<command>sssctl</command> provides a simple and unified way to obtain " "information about SSSD status, such as active server, auto-discovered " "servers, domains and cached objects. In addition, it can manage SSSD data " "files for troubleshooting in such a way that is safe to manipulate while " "SSSD is running." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssctl.8.xml:43 msgid "" "To list all available commands run <command>sssctl</command> without any " "parameters. To print help for selected command run <command>sssctl COMMAND --" "help</command>." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-files.5.xml:10 sssd-files.5.xml:16 msgid "sssd-files" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-files.5.xml:17 msgid "SSSD files provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:23 msgid "" "This manual page describes the files provider for <citerefentry> " "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:36 msgid "" "The files provider mirrors the content of the <citerefentry> " "<refentrytitle>passwd</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> and <citerefentry> <refentrytitle>group</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> files. The purpose of the files " "provider is to make the users and groups traditionally only accessible with " "NSS interfaces also available through the SSSD interfaces such as " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 msgid "" "The files provider has no specific options of its own, however, generic SSSD " "domain options can be set where applicable. Refer to the section " "<quote>DOMAIN SECTIONS</quote> of the <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for details on the configuration of an SSSD domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:73 msgid "" "The following example assumes that SSSD is correctly configured and files is " "one of the domains in the <replaceable>[sssd]</replaceable> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-files.5.xml:79 #, no-wrap msgid "" "[domain/files]\n" "id_provider = files\n" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-secrets.5.xml:10 sssd-secrets.5.xml:16 msgid "sssd-secrets" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-secrets.5.xml:17 msgid "SSSD Secrets responder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:23 msgid "" "This manual page describes the configuration of the Secrets responder for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:36 msgid "" "Many system and user applications need to store private information such as " "passwords or service keys and have no good way to properly deal with them. " "The simple approach is to embed these <quote>secrets</quote> into " "configuration files potentially ending up exposing sensitive key material to " "backups, config management system and in general making it harder to secure " "data." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:45 msgid "" "The <ulink url=\"https://github.com/latchset/custodia\">custodia</ulink> " "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " "via a Unix Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:55 msgid "" "The secrets are simple key-value pairs. Each user's secrets are namespaced " "using their user ID, which means the secrets will never collide between " "users. Secrets can be stored inside <quote>containers</quote> which can be " "nested." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-secrets.5.xml:69 msgid "secrets" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:70 msgid "secrets for general usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-secrets.5.xml:73 msgid "kcm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:75 #, fuzzy #| msgid "" #| "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " #| "<manvolnum>8</manvolnum> </citerefentry> to specify the default " #| "permissions on a newly created home directory." msgid "" "used by the <citerefentry> <refentrytitle>sssd-kcm</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> service." msgstr "" "Utilisé par <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> pour spécifier les permissions par " "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:61 msgid "" "Since the secrets responder can be used both externally to store general " "secrets, as described in the rest of this man page, but also internally by " "other SSSD components to store their secret material, some configuration " "options, like quotas can be configured per <quote>hive</quote> in a " "configuration subsection named after the hive. The currently supported hives " "are: <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-secrets.5.xml:89 msgid "USING THE SECRETS RESPONDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:91 msgid "" "The UNIX socket the SSSD responder listens on is located at <filename>/var/" "run/secrets.socket</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-secrets.5.xml:110 #, no-wrap msgid "" "systemctl start sssd-secrets.socket\n" "systemctl enable sssd-secrets.socket\n" "systemctl enable sssd-secrets.service\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:95 msgid "" "The secrets responder is socket-activated by <citerefentry> " "<refentrytitle>systemd</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry>. Unlike other SSSD responders, it cannot be started by adding " "the <quote>secrets</quote> string to the <quote>service</quote> directive. " "The systemd socket unit is called <quote>sssd-secrets.socket</quote> and the " "corresponding service file is called <quote>sssd-secrets.service</quote>. In " "order for the service to be socket-activated, make sure the socket is " "enabled and active and the service is enabled: <placeholder type=" "\"programlisting\" id=\"0\"/> Please note your distribution may already " "configure the units for you." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:122 msgid "" "The generic SSSD responder options such as <quote>debug_level</quote> or " "<quote>fd_limit</quote> are accepted by the secrets responder. Please refer " "to the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for a complete list. In addition, " "there are some secrets-specific options as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:132 msgid "" "The secrets responder is configured with a global <quote>[secrets]</quote> " "section and an optional per-user <quote>[secrets/users/$uid]</quote> section " "in <filename>sssd.conf</filename>. Please note that some options, notably as " "the provider type, can only be specified in the per-user subsections." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:141 msgid "provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-secrets.5.xml:157 msgid "local" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:160 msgid "" "The secrets are stored in a local database, encrypted at rest with a master " "key. The local provider does not have any additional config options at the " "moment." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-secrets.5.xml:168 msgid "proxy" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:171 msgid "" "The secrets responder forwards the requests to a Custodia server. The proxy " "provider supports several additional options (see below)." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:144 msgid "" "This option specifies where should the secrets be stored. The secrets " "responder can configure a per-user subsections (e.g. <quote>[secrets/" "users/123]</quote> - see bottom of this manual page for a full example using " "Custodia for a particular user) that define which provider store the secrets " "for this particular user. The per-user subsections should contain all " "options for that user's provider. Please note that currently the global " "provider is always local, the proxy provider can only be specified in a per-" "user section. The following providers are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:180 msgid "Default: local" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:186 msgid "" "The following options affect only the secrets <quote>hive</quote> and " "therefore should be set in a per-hive subsection. Setting the option to 0 " "means \"unlimited\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:192 msgid "containers_nest_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:195 msgid "This option specifies the maximum allowed number of nested containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:199 msgid "Default: 4" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:204 msgid "max_secrets (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:207 msgid "" "This option specifies the maximum number of secrets that can be stored in " "the hive." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:211 msgid "Default: 1024 (secrets hive), 256 (kcm hive)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:216 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "max_uid_secrets (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:219 msgid "" "This option specifies the maximum number of secrets that can be stored per-" "UID in the hive." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:223 msgid "Default: 256 (secrets hive), 64 (kcm hive)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:228 msgid "max_payload_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:231 msgid "" "This option specifies the maximum payload size allowed for a secret payload " "in kilobytes." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:235 msgid "Default: 16 (secrets hive), 65536 (64 MiB) (kcm hive)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-secrets.5.xml:244 #, no-wrap msgid "" "[secrets/secrets]\n" "max_payload_size = 128\n" "\n" "[secrets/kcm]\n" "max_payload_size = 256\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:241 msgid "" "For example, to adjust quotas differently for both the <quote>secrets</" "quote> and the <quote>kcm</quote> hives, configure the following: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:252 msgid "" "The following options are only applicable for configurations that use the " "<quote>proxy</quote> provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:257 msgid "proxy_url (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:260 msgid "" "The URL the Custodia server is listening on. At the moment, http and https " "protocols are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:267 msgid "http[s]://<host>[:port]" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:270 msgid "Example: http://localhost:8080" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:275 msgid "auth_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:278 msgid "" "The method to use when authenticating to a Custodia server. The following " "authentication methods are supported:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><variablelist><varlistentry><term> #: sssd-secrets.5.xml:283 msgid "basic_auth" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:286 msgid "" "Authenticate with a username and a password as set in the <quote>username</" "quote> and <quote>password</quote> options." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><variablelist><varlistentry><term> #: sssd-secrets.5.xml:293 msgid "header" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:296 msgid "" "Authenticate with HTTP header value as defined in the " "<quote>auth_header_name</quote> and <quote>auth_header_value</quote> " "configuration options." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:307 msgid "auth_header_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:310 msgid "" "If set, the secrets responder would put a header with this name into the " "HTTP request with the value defined in the <quote>auth_header_value</quote> " "configuration option." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:315 msgid "Example: MYSECRETNAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:320 msgid "auth_header_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:323 msgid "" "The value sssd-secrets would use for the <quote>auth_header_name</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:327 msgid "Example: mysecret" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:332 msgid "forward_headers (list of strings)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:335 msgid "" "The list of HTTP headers to forward to the Custodia server together with the " "request." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:344 msgid "verify_peer (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:347 msgid "" "Whether peer's certificate should be verified and valid if HTTPS protocol is " "used with the proxy provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:356 msgid "verify_host (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:359 msgid "" "Whether peer's hostname must match with hostname in its certificate if HTTPS " "protocol is used with the proxy provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:369 msgid "capath (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:372 msgid "" "Path to directory containing stored certificate authority certificates. " "System default path is used if this option is not set." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:382 msgid "cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:385 msgid "" "Path to file containing server's certificate authority certificate. If this " "option is not set then the CA's certificate is looked up in <quote>capath</" "quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:395 msgid "cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:398 msgid "" "Path to file containing client's certificate if required by the server. This " "file may also contain private key or the private key may be in separate file " "set with <quote>key</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:409 msgid "key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:412 msgid "Path to file containing client's private key." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-secrets.5.xml:422 msgid "USING THE REST API" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:424 msgid "" "This section lists the available commands and includes examples using the " "<citerefentry> <refentrytitle>curl</refentrytitle> <manvolnum>1</manvolnum> " "</citerefentry> utility. All requests towards the proxy provider must set " "the Content Type header to <quote>application/json</quote>. In addition, the " "local provider also supports Content Type set to <quote>application/octet-" "stream</quote>. Secrets stored with requests that set the Content Type " "header to <quote>application/octet-stream</quote> are base64-encoded when " "stored and decoded when retrieved, so it's not possible to store a secret " "with one Content Type and retrieve with another. The secret URI must begin " "with <filename>/secrets/</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:441 msgid "Listing secrets" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:444 msgid "" "To list the available secrets, send a HTTP GET request with a trailing slash " "appended to the container path." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:450 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XGET http://localhost/secrets/\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:458 msgid "Retrieving a secret" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:461 msgid "" "To read a value of a single secret, send a HTTP GET request without a " "trailing slash. The last portion of the URI is the name of the secret." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:468 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XGET http://localhost/secrets/foo\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:473 #, no-wrap msgid "" "curl -H \"Content-Type: application/octet-stream\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XGET http://localhost/secrets/bar\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:466 msgid "" "Examples: <placeholder type=\"programlisting\" id=\"0\"/> <placeholder type=" "\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:481 msgid "Setting a secret" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:484 msgid "" "To set a secret using the <quote>application/json</quote> type, send a HTTP " "PUT request with a JSON payload that includes type and value. The type " "should be set to \"simple\" and the value should be set to the secret value. " "If a secret with that name already exists, the response is a 409 HTTP error." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:492 msgid "" "The <quote>application/json</quote> type just sends the secret as the " "message payload." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:501 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XPUT http://localhost/secrets/foo \\\n" " -d'{\"type\":\"simple\",\"value\":\"foosecret\"}'\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:507 #, no-wrap msgid "" "curl -H \"Content-Type: application/octet-stream\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XPUT http://localhost/secrets/bar \\\n" " -d'barsecret'\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:496 msgid "" "The following example sets a secret named 'foo' to a value of 'foosecret' " "and a secret named 'bar' to a value of 'barsecret' using a different Content " "Type. <placeholder type=\"programlisting\" id=\"0\"/> <placeholder type=" "\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:516 msgid "Creating a container" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:519 msgid "" "Containers provide an additional namespace for this user's secrets. To " "create a container, send a HTTP POST request, whose URI ends with the " "container name. Please note the URI must end with a trailing slash." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:529 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XPOST http://localhost/secrets/mycontainer/\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:526 msgid "" "The following example creates a container named 'mycontainer': <placeholder " "type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:538 #, no-wrap msgid "" "http://localhost/secrets/mycontainer/mysecret\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:535 msgid "" "To manipulate secrets under this container, just nest the secrets underneath " "the container path: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:544 msgid "Deleting a secret or a container" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:547 msgid "" "To delete a secret or a container, send a HTTP DELETE request with a path to " "the secret or the container." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:553 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XDELETE http://localhost/secrets/foo\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:551 msgid "" "The following example deletes a secret named 'foo'. <placeholder type=" "\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-secrets.5.xml:563 msgid "EXAMPLE CUSTODIA AND PROXY PROVIDER CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:565 msgid "" "For testing the proxy provider, you need to set up a Custodia server to " "proxy requests to. Please always consult the Custodia documentation, the " "configuration directives might change with different Custodia versions." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-secrets.5.xml:576 #, no-wrap msgid "" "[global]\n" "server_version = \"Secret/0.0.7\"\n" "server_url = http://localhost:8080/\n" "auditlog = /var/log/custodia.log\n" "debug = True\n" "\n" "[store:simple]\n" "handler = custodia.store.sqlite.SqliteStore\n" "dburi = /var/lib/custodia.db\n" "table = secrets\n" "\n" "[auth:header]\n" "handler = custodia.httpd.authenticators.SimpleHeaderAuth\n" "header = MYSECRETNAME\n" "value = mysecretkey\n" "\n" "[authz:paths]\n" "handler = custodia.httpd.authorizers.SimplePathAuthz\n" "paths = /secrets\n" "\n" "[/]\n" "handler = custodia.root.Root\n" "store = simple\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:570 msgid "" "This configuration will set up a Custodia server listening on http://" "localhost:8080, allowing anyone with header named MYSECRETNAME set to " "mysecretkey to communicate with the Custodia server. Place the contents " "into a file (for example, <replaceable>custodia.conf</replaceable>): " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:602 msgid "" "Then run the <replaceable>custodia</replaceable> command, pointing it at the " "config file as a command line argument." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:606 msgid "" "Please note that currently it's not possible to proxy all requests globally " "to a Custodia instance. Instead, per-user subsections for user IDs that " "should proxy requests to Custodia must be defined. The following example " "illustrates a configuration, where the user with UID 123 would proxy their " "requests to Custodia, but all other user's requests would be handled by a " "local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> #: sssd-secrets.5.xml:614 #, no-wrap msgid "" "[secrets]\n" "\n" "[secrets/users/123]\n" "provider = proxy\n" "proxy_url = http://localhost:8080/secrets/\n" "auth_type = header\n" "auth_header_name = MYSECRETNAME\n" "auth_header_value = mysecretkey\n" " " msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-session-recording.5.xml:16 msgid "sssd-session-recording" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-session-recording.5.xml:17 #, fuzzy #| msgid "Configuring sudo to cooperate with SSSD" msgid "Configuring session recording with SSSD" msgstr "Configuration de sudo pour coopérer avec SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:23 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the simple access-control " #| "provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " #| "<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax " #| "reference, refer to the <quote>FILE FORMAT</quote> section of the " #| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" #| "manvolnum> </citerefentry> manual page." msgid "" "This manual page describes how to configure <citerefentry> " "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " "to work with <citerefentry> <refentrytitle>tlog-rec-session</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>, a part of tlog package, to " "implement user session recording on text terminals. For a detailed " "configuration syntax reference, refer to the <quote>FILE FORMAT</quote> " "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du fournisseur de contrôle " "d'accès simple de <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>. Pour plus de détails sur la " "syntaxe, cf. la section <quote>FORMAT DE FICHIER</quote> de la page de " "manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:41 msgid "" "SSSD can be set up to enable recording of everything specific users see or " "type during their sessions on text terminals. E.g. when users log in on the " "console, or via SSH. SSSD itself doesn't record anything, but makes sure " "tlog-rec-session is started upon user login, so it can record according to " "its configuration." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:48 msgid "" "For users with session recording enabled, SSSD replaces the user shell with " "tlog-rec-session in NSS responses, and adds a variable specifying the " "original shell to the user environment, upon PAM session setup. This way " "tlog-rec-session can be started in place of the user shell, and know which " "actual shell to start, once it set up the recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:60 #, fuzzy #| msgid "These options can be used to configure the PAC responder." msgid "These options can be used to configure the session recording." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:146 msgid "" "The following snippet of sssd.conf enables session recording for users " "\"contractor1\" and \"contractor2\", and group \"students\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-session-recording.5.xml:151 #, no-wrap msgid "" "[session_recording]\n" "scope = some\n" "users = contractor1, contractor2\n" "groups = students\n" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-kcm.8.xml:10 sssd-kcm.8.xml:16 msgid "sssd-kcm" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-kcm.8.xml:17 msgid "SSSD Kerberos Cache Manager" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:23 msgid "" "This manual page describes the configuration of the SSSD Kerberos Cache " "Manager (KCM). KCM is a process that stores, tracks and manages Kerberos " "credential caches. It originates in the Heimdal Kerberos project, although " "the MIT Kerberos library also provides client side (more details on that " "below) support for the KCM credential cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:31 msgid "" "In a setup where Kerberos caches are managed by KCM, the Kerberos library " "(typically used through an application, like e.g., <citerefentry> " "<refentrytitle>kinit</refentrytitle><manvolnum>1</manvolnum> </" "citerefentry>, is a <quote>\"KCM client\"</quote> and the KCM daemon is " "being referred to as a <quote>\"KCM server\"</quote>. The client and server " "communicate over a UNIX socket." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:42 msgid "" "The KCM server keeps track of each credential caches's owner and performs " "access check control based on the UID and GID of the KCM client. The root " "user has access to all credential caches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:47 msgid "The KCM credential cache has several interesting properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-kcm.8.xml:51 msgid "" "since the process runs in userspace, it is subject to UID namespacing, " "unlike the kernel keyring" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-kcm.8.xml:56 msgid "" "unlike the kernel keyring-based cache, which is shared between all " "containers, the KCM server is a separate process whose entry point is a UNIX " "socket" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-kcm.8.xml:61 msgid "" "the SSSD implementation stores the ccaches in the SSSD <citerefentry> " "<refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry> secrets store, allowing the ccaches to survive KCM server " "restarts or machine reboots." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:69 msgid "" "This allows the system to use a collection-aware credential cache, yet share " "the credential cache between some or no containers by bind-mounting the " "socket." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-kcm.8.xml:76 msgid "USING THE KCM CREDENTIAL CACHE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:86 #, no-wrap msgid "" "[libdefaults]\n" " default_ccache_name = KCM:\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:78 msgid "" "In order to use KCM credential cache, it must be selected as the default " "credential type in <citerefentry> <refentrytitle>krb5.conf</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, The credentials " "cache name must be only <quote>KCM:</quote> without any template " "expansions. For example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:91 msgid "" "Next, make sure the Kerberos client libraries and the KCM server must agree " "on the UNIX socket path. By default, both use the same path <replaceable>/" "var/run/.heim_org.h5l.kcm-socket</replaceable>. To configure the Kerberos " "library, change its <quote>kcm_socket</quote> option which is described in " "the <citerefentry> <refentrytitle>krb5.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:113 #, no-wrap msgid "" "systemctl start sssd-kcm.socket\n" "systemctl enable sssd-kcm.socket\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:102 msgid "" "Finally, make sure the SSSD KCM server can be contacted. The KCM service is " "typically socket-activated by <citerefentry> <refentrytitle>systemd</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry>. Unlike other SSSD " "services, it cannot be started by adding the <quote>kcm</quote> string to " "the <quote>service</quote> directive. <placeholder type=\"programlisting\" " "id=\"0\"/> Please note your distribution may already configure the units for " "you." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-kcm.8.xml:122 msgid "THE CREDENTIAL CACHE STORAGE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:131 #, no-wrap msgid "" "systemctl start sssd-secrets.socket\n" "systemctl enable sssd-secrets.socket\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:124 msgid "" "The credential caches are stored in the SSSD secrets service (see " "<citerefentry> <refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry> for more details). Therefore it is important that " "also the sssd-secrets service is enabled and its socket is started: " "<placeholder type=\"programlisting\" id=\"0\"/> Your distribution should " "already set the dependencies between the services." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:141 msgid "" "The KCM service is configured in the <quote>kcm</quote> section of the sssd." "conf file. Please note that currently, is it not sufficient to restart the " "sssd-kcm service, because the sssd configuration is only parsed and read to " "an internal configuration database by the sssd service. Therefore you must " "restart the sssd service if you change anything in the <quote>kcm</quote> " "section of sssd.conf. For a detailed syntax reference, refer to the " "<quote>FILE FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:155 msgid "" "The generic SSSD service options such as <quote>debug_level</quote> or " "<quote>fd_limit</quote> are accepted by the kcm service. Please refer to " "the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for a complete list. In addition, " "there are some KCM-specific options as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:166 msgid "socket_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:169 msgid "The socket the KCM service will listen on." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:172 msgid "Default: <replaceable>/var/run/.heim_org.h5l.kcm-socket</replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:182 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>," msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-systemtap.5.xml:10 sssd-systemtap.5.xml:16 #, fuzzy #| msgid "sssd-simple" msgid "sssd-systemtap" msgstr "sssd-simple" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-systemtap.5.xml:17 msgid "SSSD systemtap information" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-systemtap.5.xml:23 #, fuzzy #| msgid "" #| "This manual page only describes attribute name mapping. For detailed " #| "explanation of sudo related attribute semantics, see <citerefentry> " #| "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" #| "citerefentry>" msgid "" "This manual page provides information about the systemtap functionality in " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>." msgstr "" "Cette page de manuel décrit uniquement le mappage de noms d'attribut. Pour " "une explication détaillée des sémantiques d'attributs relatives à sudo, cf. " "<citerefentry><refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-systemtap.5.xml:32 msgid "" "SystemTap Probe points have been added into various locations in SSSD code " "to assist in troubleshooting and analyzing performance related issues." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-systemtap.5.xml:40 msgid "Sample SystemTap scripts are provided in /usr/share/sssd/systemtap/" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-systemtap.5.xml:46 msgid "" "Probes and miscellaneous functions are defined in /usr/share/systemtap/" "tapset/sssd.stp and /usr/share/systemtap/tapset/sssd_functions.stp " "respectively." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-systemtap.5.xml:57 msgid "PROBE POINTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-systemtap.5.xml:59 sssd-systemtap.5.xml:341 msgid "" "The information below lists the probe points and arguments available in the " "following format:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:64 #, fuzzy #| msgid "realm name" msgid "probe $name" msgstr "nom de domaine" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:67 msgid "Description of probe point" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:70 #, no-wrap msgid "" "variable1:datatype\n" "variable2:datatype\n" "variable3:datatype\n" "...\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:80 msgid "Database Transaction Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:84 msgid "probe sssd_transaction_start" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:87 msgid "" "Start of a sysdb transaction, probes the sysdb_transaction_start() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:91 sssd-systemtap.5.xml:105 sssd-systemtap.5.xml:118 #: sssd-systemtap.5.xml:131 #, no-wrap msgid "" "nesting:integer\n" "probestr:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:97 msgid "probe sssd_transaction_cancel" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:100 msgid "" "Cancellation of a sysdb transaction, probes the sysdb_transaction_cancel() " "function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:111 msgid "probe sssd_transaction_commit_before" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:114 msgid "Probes the sysdb_transaction_commit_before() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:124 msgid "probe sssd_transaction_commit_after" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:127 msgid "Probes the sysdb_transaction_commit_after() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:141 msgid "LDAP Search Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:145 msgid "probe sdap_search_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:148 msgid "Probes the sdap_get_generic_ext_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:152 sssd-systemtap.5.xml:167 sssd-systemtap.5.xml:196 #, no-wrap msgid "" "base:string\n" "scope:integer\n" "filter:string\n" "probestr:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:160 msgid "probe sdap_search_recv" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:163 msgid "Probes the sdap_get_generic_ext_recv() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:175 msgid "probe sdap_deref_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:178 msgid "Probes the sdap_deref_search_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:182 #, no-wrap msgid "" "base_dn:string\n" "deref_attr:string\n" "probestr:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:189 msgid "probe sdap_deref_recv" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:192 msgid "Probes the sdap_deref_search_recv() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:208 msgid "LDAP Account Request Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:212 msgid "probe sdap_acct_req_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:215 msgid "Probes the sdap_acct_req_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:219 sssd-systemtap.5.xml:234 #, no-wrap msgid "" "entry_type:int\n" "filter_type:int\n" "filter_value:string\n" "extra_value:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:227 msgid "probe sdap_acct_req_recv" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:230 msgid "Probes the sdap_acct_req_recv() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:246 msgid "LDAP User Search Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:250 msgid "probe sdap_search_user_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:253 msgid "Probes the sdap_search_user_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:257 sssd-systemtap.5.xml:269 sssd-systemtap.5.xml:281 #: sssd-systemtap.5.xml:293 #, fuzzy, no-wrap #| msgid "" #| "fallback_homedir = /home/%u\n" #| " " msgid "" "filter:string\n" " " msgstr "" "fallback_homedir = /home/%u\n" " " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:262 msgid "probe sdap_search_user_recv" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:265 msgid "Probes the sdap_search_user_recv() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:274 msgid "probe sdap_search_user_save_begin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:277 msgid "Probes the sdap_search_user_save_begin() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:286 msgid "probe sdap_search_user_save_end" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:289 msgid "Probes the sdap_search_user_save_end() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:302 msgid "Data Provider Request Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:306 msgid "probe dp_req_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:309 msgid "A Data Provider request is submitted." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:312 #, no-wrap msgid "" "dp_req_domain:string\n" "dp_req_name:string\n" "dp_req_target:int\n" "dp_req_method:int\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:320 msgid "probe dp_req_done" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:323 msgid "A Data Provider request is completed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:326 #, no-wrap msgid "" "dp_req_name:string\n" "dp_req_target:int\n" "dp_req_method:int\n" "dp_ret:int\n" "dp_errorstr:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:339 msgid "MISCELLANEOUS FUNCTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:346 msgid "function acct_req_desc(entry_type)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:349 msgid "Convert entry_type to string and return string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:354 msgid "" "function sssd_acct_req_probestr(fc_name, entry_type, filter_type, " "filter_value, extra_value)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:358 msgid "Create probe string based on filter type" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:363 msgid "function dp_target_str(target)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:366 msgid "Convert target to string and return string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:371 msgid "function dp_method_str(target)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:374 msgid "Convert method to string and return string" msgstr "" #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" msgstr "DÉCOUVERTE DE SERVICE" #. type: Content of: <refsect1><para> #: include/service_discovery.xml:4 msgid "" "The service discovery feature allows back ends to automatically find the " "appropriate servers to connect to using a special DNS query. This feature is " "not supported for backup servers." msgstr "" "La fonctionnalité de découverte de services permet aux moteurs de trouver " "automatiquement les serveurs appropriés auxquels se connecter à l'aide d'une " "requête DNS spéciale. Cette fonctionnalité n'est pas pris en charge pour sur " "les serveurs secondaires." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:9 include/ldap_id_mapping.xml:99 msgid "Configuration" msgstr "Configuration" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:11 msgid "" "If no servers are specified, the back end automatically uses service " "discovery to try to find a server. Optionally, the user may choose to use " "both fixed server addresses and service discovery by inserting a special " "keyword, <quote>_srv_</quote>, in the list of servers. The order of " "preference is maintained. This feature is useful if, for example, the user " "prefers to use service discovery whenever possible, and fall back to a " "specific server when no servers can be discovered using DNS." msgstr "" "Si aucun serveur n'est spécifié, le moteur utilise automatiquement la " "découverte de services pour tenter de trouver un serveur. L'utilisateur peut " "aussi choisir d'utiliser des adresses de serveur et de découverte de " "services fixes en insérant un mot-clé spécial, <quote>_srv_</quote>, dans la " "liste des serveurs. L'ordre de préférence est maintenu. Cette fonctionnalité " "est utile si, par exemple, l'utilisateur préfère utiliser la découverte de " "services chaque fois que possible et se replier vers un serveur spécifique " "lorsqu'aucun serveur ne peut être découvert à l'aide du DNS." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:23 msgid "The domain name" msgstr "Le nom de domaine" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:25 msgid "" "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for more details." msgstr "" "Se reporter au paramètre <quote>dns_discovery_domain</quote> dans la page de " "manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus de détails." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:35 msgid "The protocol" msgstr "Le protocole" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:37 msgid "" "The queries usually specify _tcp as the protocol. Exceptions are documented " "in respective option description." msgstr "" "Les requêtes spécifient généralement _tcp comme protocole. Les exceptions " "sont documentées dans les descriptions respectives des options." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:42 msgid "See Also" msgstr "Voir aussi" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:44 msgid "" "For more information on the service discovery mechanism, refer to RFC 2782." msgstr "" "Pour plus d'informations sur le mécanisme de découverte de services, se " "reporter à la RFC 2782." #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" "<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." "io/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) #: include/upstream.xml:1 msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>" #. type: Content of: <refsect1><title> #: include/failover.xml:2 msgid "FAILOVER" msgstr "BASCULE" #. type: Content of: <refsect1><para> #: include/failover.xml:4 msgid "" "The failover feature allows back ends to automatically switch to a different " "server if the current server fails." msgstr "" "La fonctionnalité de bascule autorise le moteur à basculer automatiquement " "sur un serveur différent si le serveur actuel est défaillant." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:8 msgid "Failover Syntax" msgstr "Syntaxe de bascule" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:10 msgid "" "The list of servers is given as a comma-separated list; any number of spaces " "is allowed around the comma. The servers are listed in order of preference. " "The list can contain any number of servers." msgstr "" "La liste des serveurs est donnée sous forme de liste séparée par des " "virgules ; un nombre quelconque d'espaces est autorisé autour de la virgule. " "Les serveurs sont répertoriés par ordre de préférence. La liste peut " "contenir un nombre quelconque de serveurs." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:16 msgid "" "For each failover-enabled config option, two variants exist: " "<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is " "that servers in the primary list are preferred and backup servers are only " "searched if no primary servers can be reached. If a backup server is " "selected, a timeout of 31 seconds is set. After this timeout SSSD will " "periodically try to reconnect to one of the primary servers. If it succeeds, " "it will replace the current active (backup) server." msgstr "" "Pour chaque option de configuration alors que la bascule est activée, il " "existe deux variantes : <emphasis>primary</emphasis> et <emphasis>backup</" "emphasis>. L'idée est que les serveurs dans la liste principale sont " "préférés et les serveurs de secours sont interrogés uniquement si aucun " "serveur primaire ne peut être atteint. Si un serveur de secours est " "sélectionné, un délai d'attente de 31 secondes est défini. Après ce délai " "d'attente, SSSD tentera périodiquement de se reconnecter à un des serveurs " "primaires. S'il réussit, il remplacera l'actuel serveur (de secours) actif." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:27 msgid "The Failover Mechanism" msgstr "Mécanisme de bascule" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:29 msgid "" "The failover mechanism distinguishes between a machine and a service. The " "back end first tries to resolve the hostname of a given machine; if this " "resolution attempt fails, the machine is considered offline. No further " "attempts are made to connect to this machine for any other service. If the " "resolution attempt succeeds, the back end tries to connect to a service on " "this machine. If the service connection attempt fails, then only this " "particular service is considered offline and the back end automatically " "switches over to the next service. The machine is still considered online " "and might still be tried for another service." msgstr "" "Le mécanisme de bascule fait la distinction entre une machine et d'un " "service. Le moteur tente d'abord de résoudre le nom d'hôte d'un ordinateur " "donné ; en cas d'échec de cette tentative de résolution, la machine est " "considérée comme hors ligne. Aucune autre tentative n'est faite pour se " "connecter à cette machine pour tout autre service. Si la tentative de " "résolution réussit, le serveur principal tente de se connecter à un service " "sur cette machine. Si la tentative de connexion de service échoue, alors ce " "seul service est considéré comme hors ligne et le moteur passe " "automatiquement au service suivant. La machine est toujours considérée en " "ligne et peut toujours être considérée pour une tentative d'accès à un autre " "service." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:42 msgid "" "Further connection attempts are made to machines or services marked as " "offline after a specified period of time; this is currently hard coded to 30 " "seconds." msgstr "" "Les tentatives de connexion ultérieures sont faites vers des machines ou des " "services marqués comme hors connexion après un délai spécifié ; ce délai est " "actuellement spécifié en dur à 30 secondes." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:47 msgid "" "If there are no more machines to try, the back end as a whole switches to " "offline mode, and then attempts to reconnect every 30 seconds." msgstr "" "S'il n'y a plus aucune machine à essayer, le moteur dans son ensemble " "bascule dans le mode hors connexion et tente ensuite de se reconnecter " "toutes les 30 secondes." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:53 msgid "Failover time outs and tuning" msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:55 msgid "" "Resolving a server to connect to can be as simple as running a single DNS " "query or can involve several steps, such as finding the correct site or " "trying out multiple host names in case some of the configured servers are " "not reachable. The more complex scenarios can take some time and SSSD needs " "to balance between providing enough time to finish the resolution process " "but on the other hand, not trying for too long before falling back to " "offline mode. If the SSSD debug logs show that the server resolution is " "timing out before a live server is contacted, you can consider changing the " "time outs." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_op_timeout" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 msgid "How long would SSSD talk to a single DNS server." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:86 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_timeout" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:90 msgid "" "How long would SSSD try to resolve a failover service. This service " "resolution internally might include several steps, such as resolving DNS SRV " "queries or locating the site." msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:67 #, fuzzy #| msgid "" #| "All of the common configuration options that apply to SSSD domains also " #| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " #| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " #| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " #| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "This section lists the available tunables. Please refer to their description " "in the <citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, manual page. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" "Toutes les options de configuration communes appliquées aux domaines SSSD " "s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS DE " "DOMAINE</quote> dans la page de manuel <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:100 msgid "" "For LDAP-based providers, the resolve operation is performed as part of an " "LDAP connection operation. Thefore, also the <quote>ldap_opt_timeout></" "quote> timeout should be set to a larger value than " "<quote>dns_resolver_timeout</quote> which in turn should be set to a larger " "value than <quote>dns_resolver_op_timeout</quote>." msgstr "" #. type: Content of: <refsect1><title> #: include/ldap_id_mapping.xml:2 msgid "ID MAPPING" msgstr "CORRESPONDANCE D'IDENTIFIANTS" #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:4 msgid "" "The ID-mapping feature allows SSSD to act as a client of Active Directory " "without requiring administrators to extend user attributes to support POSIX " "attributes for user and group identifiers." msgstr "" "La fonctionnalité de correspondance d'ID permet à SSSD d'agir comme un " "client de Active Directory sans demander aux administrateurs d'étendre les " "attributs utilisateur pour prendre en charge les attributs POSIX pour les " "identifiants d'utilisateur et de groupe." #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:9 msgid "" "NOTE: When ID-mapping is enabled, the uidNumber and gidNumber attributes are " "ignored. This is to avoid the possibility of conflicts between automatically-" "assigned and manually-assigned values. If you need to use manually-assigned " "values, ALL values must be manually-assigned." msgstr "" "Remarque : Lorsque la mise en correspondance des ID est activée, les " "attributs uidNumber et gidNumber sont ignorés. Ceci afin d'éviter les " "risques de conflit entre les valeurs attribuées automatiquement et assignées " "manuellement. Si vous avez besoin d'utiliser des valeurs attribuées " "manuellement, TOUTES les valeurs doivent être assignées manuellement." #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:16 msgid "" "Please note that changing the ID mapping related configuration options will " "cause user and group IDs to change. At the moment, SSSD does not support " "changing IDs, so the SSSD database must be removed. Because cached passwords " "are also stored in the database, removing the database should only be " "performed while the authentication servers are reachable, otherwise users " "might get locked out. In order to cache the password, an authentication must " "be performed. It is not sufficient to use <citerefentry> " "<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry> to remove the database, rather the process consists of:" msgstr "" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:33 msgid "Making sure the remote servers are reachable" msgstr "" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:38 msgid "Stopping the SSSD service" msgstr "Arrêter le service SSSD" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:43 msgid "Removing the database" msgstr "Supprimer la base de donnée" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:48 msgid "Starting the SSSD service" msgstr "Démarrer le service SSSD" #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:52 msgid "" "Moreover, as the change of IDs might necessitate the adjustment of other " "system properties such as file and directory ownership, it's advisable to " "plan ahead and test the ID mapping configuration thoroughly." msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ldap_id_mapping.xml:59 msgid "Mapping Algorithm" msgstr "Algorithme de correspondance" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:61 msgid "" "Active Directory provides an objectSID for every user and group object in " "the directory. This objectSID can be broken up into components that " "represent the Active Directory domain identity and the relative identifier " "(RID) of the user or group object." msgstr "" "Active Directory fournit un objectSID pour chaque objet d'utilisateur et de " "groupe dans l'annuaire. Cet objectSID peut être divisé en composants qui " "représentent l'identité de domaine Active Directory et l'identificateur " "relatif (RID) de l'objet utilisateur ou groupe." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " "into equally-sized component sections - called \"slices\"-. Each slice " "represents the space available to an Active Directory domain." msgstr "" "L'algorithme de mise en correspondance des ID de SSSD tient un éventail " "d'uid disponibles et le divise en sections de même taille, appelées « " "tranches ». Chaque tranche représente l'espace disponible dans un domaine " "Active Directory." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:73 msgid "" "When a user or group entry for a particular domain is encountered for the " "first time, the SSSD allocates one of the available slices for that domain. " "In order to make this slice-assignment repeatable on different client " "machines, we select the slice based on the following algorithm:" msgstr "" "Lorsqu'une entrée d'utilisateur ou de groupe pour un domaine particulier est " "rencontrée pour la première fois, SSSD alloue une des plages disponibles " "pour ce domaine. Afin de rendre cette affectation de plage reproductible sur " "les ordinateurs clients différents, l'algorithme de sélection de plage " "suivant est utilisé :" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:80 msgid "" "The SID string is passed through the murmurhash3 algorithm to convert it to " "a 32-bit hashed value. We then take the modulus of this value with the total " "number of available slices to pick the slice." msgstr "" "La chaîne du SID est passée par l'intermédiaire de l'algorithme murmurhash3 " "pour le convertir en une valeur de hachage de 32 bits. Nous prenons ensuite " "le modulo de cette valeur avec le nombre total des tranches disponibles pour " "prendre la tranche." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:86 msgid "" "NOTE: It is possible to encounter collisions in the hash and subsequent " "modulus. In these situations, we will select the next available slice, but " "it may not be possible to reproduce the same exact set of slices on other " "machines (since the order that they are encountered will determine their " "slice). In this situation, it is recommended to either switch to using " "explicit POSIX attributes in Active Directory (disabling ID-mapping) or " "configure a default domain to guarantee that at least one is always " "consistent. See <quote>Configuration</quote> for details." msgstr "" "Remarque : Il est possible de rencontrer les collisions dans le hachage et " "le modulo en découlant. Dans ces situations, la tranche suivante disponible " "sera sélectionnée, mais il n'est pas possible de reproduire le même jeu " "exact des tranches sur d'autres machines (puisque l'ordre dans lequel elles " "sont rencontrées déterminera leur tranche). Dans ce cas, il est recommandé " "de passer à l'utilisation des attributs POSIX explicites dans Active " "Directory (en désactivant la correspondance d'ID) ou configurer un domaine " "par défaut afin de garantir qu'au moins un est toujours cohérent. Pour plus " "d'informations, voir <quote>Configuration</quote>." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:101 msgid "" "Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):" msgstr "" "Configuration minimale (dans la section <quote>[domain/DOMAINNAME]</" "quote>) :" #. type: Content of: <refsect1><refsect2><para><programlisting> #: include/ldap_id_mapping.xml:106 #, no-wrap msgid "" "ldap_id_mapping = True\n" "ldap_schema = ad\n" msgstr "" "ldap_id_mapping = True\n" "ldap_schema = ad\n" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:111 msgid "" "The default configuration results in configuring 10,000 slices, each capable " "of holding up to 200,000 IDs, starting from 200,000 and going up to " "2,000,200,000. This should be sufficient for most deployments." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><title> #: include/ldap_id_mapping.xml:117 msgid "Advanced Configuration" msgstr "Configuration avancée" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:120 msgid "ldap_idmap_range_min (integer)" msgstr "ldap_idmap_range_min (integer)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:123 msgid "" "Specifies the lower bound of the range of POSIX IDs to use for mapping " "Active Directory user and group SIDs." msgstr "" "Spécifie la limite inférieure de la plage d'ID POSIX à utiliser pour la mise " "en correspondance d'identifiants utilisateurs et groupes Active Directory." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:127 msgid "" "NOTE: This option is different from <quote>min_id</quote> in that " "<quote>min_id</quote> acts to filter the output of requests to this domain, " "whereas this option controls the range of ID assignment. This is a subtle " "distinction, but the good general advice would be to have <quote>min_id</" "quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>" msgstr "" "NOTE : Cette option est différente de <quote>min_id</quote> en ce sens que " "<quote>min_id</quote> agit comme filtre sur le résultat des requêtes vers ce " "domaine, alors que cette option contrôle les plages de correspondance d'ID. " "Il s'agit d'une distinction subtile, mais les bonnes pratiques conseillent " "d'avoir <quote>min_id</quote> inférieur ou égal à " "<quote>ldap_idmap_range_min</quote>" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:137 include/ldap_id_mapping.xml:191 msgid "Default: 200000" msgstr "Par défaut : 200000" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:142 msgid "ldap_idmap_range_max (integer)" msgstr "ldap_idmap_range_max (integer)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:145 msgid "" "Specifies the upper bound of the range of POSIX IDs to use for mapping " "Active Directory user and group SIDs." msgstr "" "Spécifie la limite supérieure de la plage d'ID POSIX à utiliser pour la mise " "en correspondance d'identifiants utilisateurs et groupes Active Directory." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:149 msgid "" "NOTE: This option is different from <quote>max_id</quote> in that " "<quote>max_id</quote> acts to filter the output of requests to this domain, " "whereas this option controls the range of ID assignment. This is a subtle " "distinction, but the good general advice would be to have <quote>max_id</" "quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>" msgstr "" "NOTE : Cette option est différente de <quote>max_id</quote> en ce sens que " "<quote>max_id</quote> agit comme filtre sur le résultat des requêtes vers ce " "domaine, alors que cette option contrôle les plages de correspondance d'ID. " "Il s'agit d'une distinction subtile, mais les bonnes pratiques conseillent " "d'avoir <quote>max_id</quote> supérieur ou égal à " "<quote>ldap_idmap_range_max</quote>" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:159 msgid "Default: 2000200000" msgstr "Par défaut : 2000200000" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:164 msgid "ldap_idmap_range_size (integer)" msgstr "ldap_idmap_range_size (integer)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:167 msgid "" "Specifies the number of IDs available for each slice. If the range size " "does not divide evenly into the min and max values, it will create as many " "complete slices as it can." msgstr "" "Spécifie le nombre d'identifiants pour chaque tranche. Si la taille de la " "plage ne divise pas uniformément dans les valeurs minimale et maximale, des " "tranches complètes seront créées autant que possible." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:173 msgid "" "NOTE: The value of this option must be at least as large as the highest user " "RID planned for use on the Active Directory server. User lookups and login " "will fail for any user whose RID is greater than this value." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:179 msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " "equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:186 msgid "" "It is important to plan ahead for future expansion, as changing this value " "will result in changing all of the ID mappings on the system, leading to " "users with different local IDs than they previously had." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:196 msgid "ldap_idmap_default_domain_sid (string)" msgstr "ldap_idmap_default_domain_sid (chaîne)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:199 msgid "" "Specify the domain SID of the default domain. This will guarantee that this " "domain will always be assigned to slice zero in the ID map, bypassing the " "murmurhash algorithm described above." msgstr "" "Spécifier le SID de domaine du domaine par défaut. Cela garantira que ce " "domaine est toujours affecté à la tranche zéro dans la carte d'ID, sans " "passer par l'algorithme murmurhash décrit ci-dessus." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:210 msgid "ldap_idmap_default_domain (string)" msgstr "ldap_idmap_default_domain (chaîne)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:213 msgid "Specify the name of the default domain." msgstr "Spécifier le nom de domaine par défaut." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:221 msgid "ldap_idmap_autorid_compat (boolean)" msgstr "ldap_idmap_autorid_compat (boolean)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:224 msgid "" "Changes the behavior of the ID-mapping algorithm to behave more similarly to " "winbind's <quote>idmap_autorid</quote> algorithm." msgstr "" "Modifie le comportement de l'algorithme de mise en correspondance des ID " "afin qu'il se comporte de manière identique à celui <quote>idmap_autorid</" "quote> de winbind." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:229 msgid "" "When this option is configured, domains will be allocated starting with " "slice zero and increasing monatomically with each additional domain." msgstr "" "Lorsque cette option est configurée, les domaines seront alloués en " "commençant par la tranche zéro et augmentant de manière monotone pour chaque " "domaine supplémentaire." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:234 msgid "" "NOTE: This algorithm is non-deterministic (it depends on the order that " "users and groups are requested). If this mode is required for compatibility " "with machines running winbind, it is recommended to also use the " "<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at " "least one domain is consistently allocated to slice zero." msgstr "" "Remarque : Cet algorithme n'est pas déterministe (il dépend de l'ordre dans " "lequel utilisateurs et groupes sont invités). Si ce mode est nécessaire pour " "assurer la compatibilité avec les ordinateurs qui utilisent winbind, il est " "recommandé d'utiliser également l'option " "<quote>ldap_idmap_default_domain_sid</quote> pour garantir qu'au moins un " "domaine est systématiquement alloué à la tranche zéro." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:249 msgid "ldap_idmap_helper_table_size (integer)" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:252 msgid "" "Maximal number of secondary slices that is tried when performing mapping " "from UNIX id to SID." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:256 msgid "" "Note: Additional secondary slices might be generated when SID is being " "mapped to UNIX id and RID part of SID is out of range for secondary slices " "generated so far. If value of ldap_idmap_helper_table_size is equal to 0 " "then no additional secondary slices are generated." msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ldap_id_mapping.xml:273 msgid "Well-Known SIDs" msgstr "SID bien connus" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:275 msgid "" "SSSD supports to look up the names of Well-Known SIDs, i.e. SIDs with a " "special hardcoded meaning. Since the generic users and groups related to " "those Well-Known SIDs have no equivalent in a Linux/UNIX environment no " "POSIX IDs are available for those objects." msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:281 msgid "" "The SID name space is organized in authorities which can be seen as " "different domains. The authorities for the Well-Known SIDs are" msgstr "" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:284 msgid "Null Authority" msgstr "Null Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:285 msgid "World Authority" msgstr "World Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:286 msgid "Local Authority" msgstr "Local Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:287 msgid "Creator Authority" msgstr "Creator Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:288 msgid "NT Authority" msgstr "NT Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:289 msgid "Built-in" msgstr "Built-in" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:291 msgid "" "The capitalized version of these names are used as domain names when " "returning the fully qualified name of a Well-Known SID." msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:295 msgid "" "Since some utilities allow to modify SID based access control information " "with the help of a name instead of using the SID directly SSSD supports to " "look up the SID by the name as well. To avoid collisions only the fully " "qualified names can be used to look up Well-Known SIDs. As a result the " "domain names <quote>NULL AUTHORITY</quote>, <quote>WORLD AUTHORITY</quote>, " "<quote> LOCAL AUTHORITY</quote>, <quote>CREATOR AUTHORITY</quote>, <quote>NT " "AUTHORITY</quote> and <quote>BUILTIN</quote> should not be used as domain " "names in <filename>sssd.conf</filename>." msgstr "" #. type: Content of: <varlistentry><term> #: include/param_help.xml:3 msgid "<option>-?</option>,<option>--help</option>" msgstr "<option>-?</option>,<option>--help</option>" #. type: Content of: <varlistentry><listitem><para> #: include/param_help.xml:7 include/param_help_py.xml:7 msgid "Display help message and exit." msgstr "Affiche l'aide et quitte." #. type: Content of: <varlistentry><term> #: include/param_help_py.xml:3 msgid "<option>-h</option>,<option>--help</option>" msgstr "<option>-h</option>,<option>--help</option>" #. type: Content of: <listitem><para> #: include/debug_levels.xml:3 include/debug_levels_tools.xml:3 msgid "" "SSSD supports two representations for specifying the debug level. The " "simplest is to specify a decimal value from 0-9, which represents enabling " "that level and all lower-level debug messages. The more comprehensive option " "is to specify a hexadecimal bitmask to enable or disable specific levels " "(such as if you wish to suppress a level)." msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:10 msgid "" "Please note that each SSSD service logs into its own log file. Also please " "note that enabling <quote>debug_level</quote> in the <quote>[sssd]</quote> " "section only enables debugging just for the sssd process itself, not for the " "responder or provider processes. The <quote>debug_level</quote> parameter " "should be added to all sections that you wish to produce debug logs from." msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:18 msgid "" "In addition to changing the log level in the config file using the " "<quote>debug_level</quote> parameter, which is persistent, but requires SSSD " "restart, it is also possible to change the debug level on the fly using the " "<citerefentry> <refentrytitle>sss_debuglevel</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry> tool." msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:29 include/debug_levels_tools.xml:10 msgid "Currently supported debug levels:" msgstr "Niveaux de débogage actuellement pris en charge :" #. type: Content of: <listitem><para> #: include/debug_levels.xml:32 include/debug_levels_tools.xml:13 msgid "" "<emphasis>0</emphasis>, <emphasis>0x0010</emphasis>: Fatal failures. " "Anything that would prevent SSSD from starting up or causes it to cease " "running." msgstr "" "<emphasis>0</emphasis>, <emphasis>0x0010</emphasis> : défaillances fatales. " "Tout ce qui empêcherait SSSD de démarrer ou provoquerait son arrêt." #. type: Content of: <listitem><para> #: include/debug_levels.xml:38 include/debug_levels_tools.xml:19 msgid "" "<emphasis>1</emphasis>, <emphasis>0x0020</emphasis>: Critical failures. An " "error that doesn't kill SSSD, but one that indicates that at least one major " "feature is not going to work properly." msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:45 include/debug_levels_tools.xml:26 msgid "" "<emphasis>2</emphasis>, <emphasis>0x0040</emphasis>: Serious failures. An " "error announcing that a particular request or operation has failed." msgstr "" "<emphasis>2</emphasis>, <emphasis>0x0040</emphasis> : défaillances graves. " "Une erreur qui annonce qu'une requête particulière ou une opération a échoué." #. type: Content of: <listitem><para> #: include/debug_levels.xml:50 include/debug_levels_tools.xml:31 msgid "" "<emphasis>3</emphasis>, <emphasis>0x0080</emphasis>: Minor failures. These " "are the errors that would percolate down to cause the operation failure of 2." msgstr "" "<emphasis>3</emphasis>, <emphasis>0x0080</emphasis> : erreurs mineures. Ce " "sont les erreurs qui seraient susceptibles d'empirer pour provoquer l'erreur " "en 2." #. type: Content of: <listitem><para> #: include/debug_levels.xml:55 include/debug_levels_tools.xml:36 msgid "" "<emphasis>4</emphasis>, <emphasis>0x0100</emphasis>: Configuration settings." msgstr "" "<emphasis>4</emphasis>, <emphasis>0x0100</emphasis> : paramètres de " "configuration." #. type: Content of: <listitem><para> #: include/debug_levels.xml:59 include/debug_levels_tools.xml:40 msgid "<emphasis>5</emphasis>, <emphasis>0x0200</emphasis>: Function data." msgstr "" "<emphasis>5</emphasis>, <emphasis>0x0200</emphasis> : données de " "fonctionnement." #. type: Content of: <listitem><para> #: include/debug_levels.xml:63 include/debug_levels_tools.xml:44 msgid "" "<emphasis>6</emphasis>, <emphasis>0x0400</emphasis>: Trace messages for " "operation functions." msgstr "" "<emphasis>6</emphasis>, <emphasis>0x0400</emphasis> : traçage des fonctions " "opérationnelles." #. type: Content of: <listitem><para> #: include/debug_levels.xml:67 include/debug_levels_tools.xml:48 msgid "" "<emphasis>7</emphasis>, <emphasis>0x1000</emphasis>: Trace messages for " "internal control functions." msgstr "" "<emphasis>7</emphasis>, <emphasis>0x1000</emphasis> : traçage des fonctions " "de contrôles internes." #. type: Content of: <listitem><para> #: include/debug_levels.xml:72 include/debug_levels_tools.xml:53 msgid "" "<emphasis>8</emphasis>, <emphasis>0x2000</emphasis>: Contents of function-" "internal variables that may be interesting." msgstr "" "<emphasis>8</emphasis>, <emphasis>0x2000</emphasis> : contenu des variables " "internes de fonctions pouvent être intéressantes." #. type: Content of: <listitem><para> #: include/debug_levels.xml:77 include/debug_levels_tools.xml:58 msgid "" "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level " "tracing information." msgstr "" "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis> : informations de " "traçage de bas niveau." #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" "<emphasis>Exemple</emphasis> : pour suivre erreurs fatales, critiques, " "graves et les données de fonction, utiliser 0x0270." #. type: Content of: <listitem><para> #: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" "<emphasis>Exemple</emphasis> : pour consigner les erreurs fatales, les " "paramètres de configuration, les données de fonction, les messages de trace " "pour les fonctions de contrôle interne, utiliser 0x1310." #. type: Content of: <listitem><para> #: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" "<emphasis>Note</emphasis> : le format des niveaux de débogage a été " "introduit dans la version 1.7.0." #. type: Content of: <listitem><para> #: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 msgid "<emphasis>Default</emphasis>: 0" msgstr "<emphasis>Par défaut</emphasis> : 0" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" "<emphasis> This is an experimental feature, please use https://pagure.io/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" #. type: Content of: <refsect1><title> #: include/local.xml:2 msgid "THE LOCAL DOMAIN" msgstr "LE DOMAINE LOCAL" #. type: Content of: <refsect1><para> #: include/local.xml:4 msgid "" "In order to function correctly, a domain with <quote>id_provider=local</" "quote> must be created and the SSSD must be running." msgstr "" "Pour fonctionner correctement, un domaine avec <quote>id_provider = local</" "quote> doit être créé et SSSD doit s'exécuter." #. type: Content of: <refsect1><para> #: include/local.xml:9 msgid "" "The administrator might want to use the SSSD local users instead of " "traditional UNIX users in cases where the group nesting (see <citerefentry> " "<refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry>) is needed. The local users are also useful for testing and " "development of the SSSD without having to deploy a full remote server. The " "<command>sss_user*</command> and <command>sss_group*</command> tools use a " "local LDB storage to store users and groups." msgstr "" "L'administrateur peut vouloir utiliser les utilisateurs locaux SSSD au lieu " "des utilisateurs UNIX traditionnels dans les cas où l'imbrication de groupes " "(cf. <citerefentry><refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</" "manvolnum></citerefentry>) est nécessaire. Les utilisateurs locaux sont " "également utiles pour les tests et le développement de SSSD sans avoir à " "déployer un serveur distant complet. Les outils <command>sss_user *</" "command> et <command>sss_group *</command> utilisent alors un stockage local " "de type LDB pour les utilisateurs et les groupes." #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>, </phrase> <phrase condition=\"with_secrets\"> <citerefentry> " "<refentrytitle>sssd-secrets</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>, </phrase> <citerefentry> <refentrytitle>sssd-session-" "recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, " "<citerefentry> <refentrytitle>sss_cache</refentrytitle><manvolnum>8</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_debuglevel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_obfuscate</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_seed</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <phrase condition=" "\"with_ssh\"> <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " "<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> <phrase condition=\"with_stap\"> <citerefentry> " "<refentrytitle>sssd-systemtap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> </phrase>" msgstr "" #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:3 msgid "" "An optional base DN, search scope and LDAP filter to restrict LDAP searches " "for this attribute type." msgstr "" "Un DN de base facultatif, une étendue de recherche et un filtre LDAP afin de " "restreindre les recherches LDAP pour ce type d'attribut." #. type: Content of: <listitem><para><programlisting> #: include/ldap_search_bases.xml:9 #, no-wrap msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n" msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n" #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:7 msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "syntaxe : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:13 msgid "" "The scope can be one of \"base\", \"onelevel\" or \"subtree\". The scope " "functions as specified in section 4.5.1.2 of http://tools.ietf.org/html/" "rfc4511" msgstr "" "La portée peut être l'une des « base », « onelevel » ou « subtree ». Les " "fonctions de portée sont spécifiées dans la section 4.5.1.2 de http://tools." "ietf.org/html/rfc4511" #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:23 msgid "" "For examples of this syntax, please refer to the <quote>ldap_search_base</" "quote> examples section." msgstr "" "Pour obtenir des exemples de cette syntaxe, reportez-vous à la section " "d'exemples <quote>ldap_search_base</quote>." #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:31 msgid "" "Please note that specifying scope or filter is not supported for searches " "against an Active Directory Server that might yield a large number of " "results and trigger the Range Retrieval extension in the response." msgstr "" "Noter que la spécification de portée ou de filtre n'est pas prise en charge " "pour les recherches sur un serveur Active Directory qui serait susceptible " "de produire un grand nombre de résultats et de déclencher l'extension Range " "Retrieval dans sa réponse." #. type: Content of: <para> #: include/autofs_restart.xml:2 msgid "" "Please note that the automounter only reads the master map on startup, so if " "any autofs-related changes are made to the sssd.conf, you typically also " "need to restart the automounter daemon after restarting the SSSD." msgstr "" "Veuillez noter que l'automounter ne lit que la carte maîtresse au démarrage. " "Ainsi, si des modifications liées à autofs sont apportées à sssd.conf, vous " "devrez généralement redémarrer le démon automounter après le redémarrage de " "SSSD" #. type: Content of: <varlistentry><term> #: include/override_homedir.xml:2 msgid "override_homedir (string)" msgstr "override_homedir (chaîne)" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:16 msgid "UID number" msgstr "numéro d'UID" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:20 msgid "domain name" msgstr "nom de domaine" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: include/override_homedir.xml:23 msgid "%f" msgstr "%f" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:24 msgid "fully qualified user name (user@domain)" msgstr "nom d'utilisateur pleinement qualifié (utilisateur@domaine)" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: include/override_homedir.xml:27 msgid "%l" msgstr "" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:28 msgid "The first letter of the login name." msgstr "" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:32 msgid "UPN - User Principal Name (name@REALM)" msgstr "" "UPN - Nom de principal d'utilisateur (User principal name, nom@ROYAUME)" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: include/override_homedir.xml:35 msgid "%o" msgstr "%o" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:37 msgid "The original home directory retrieved from the identity provider." msgstr "" "Le répertoire utilisateur original provenant du fournisseur d'identité." #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: include/override_homedir.xml:42 msgid "%H" msgstr "%H" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:44 msgid "The value of configure option <emphasis>homedir_substring</emphasis>." msgstr "" "La valeur de l'option de configuration <emphasis>homedir_substring</" "emphasis>." #. type: Content of: <varlistentry><listitem><para> #: include/override_homedir.xml:5 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Réécrit le répertoire personnel de l'utilisateur. Il est possible de fournir " "une valeur absolue ou un patron. Dans le cas d'un patron, les séquences " "suivantes sont substituées :<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <varlistentry><listitem><para><programlisting> #: include/override_homedir.xml:61 #, no-wrap msgid "" "override_homedir = /home/%u\n" " " msgstr "" "override_homedir = /home/%u\n" " " #. type: Content of: <varlistentry><listitem><para> #: include/override_homedir.xml:65 msgid "Default: Not set (SSSD will use the value retrieved from LDAP)" msgstr "Par défaut : Indéfini (SSSD utilisera la valeur récupérée de LDAP)" #. type: Content of: <varlistentry><term> #: include/homedir_substring.xml:2 msgid "homedir_substring (string)" msgstr "homedir_substring (chaîne)" #. type: Content of: <varlistentry><listitem><para> #: include/homedir_substring.xml:5 msgid "" "The value of this option will be used in the expansion of the " "<emphasis>override_homedir</emphasis> option if the template contains the " "format string <emphasis>%H</emphasis>. An LDAP directory entry can directly " "contain this template so that this option can be used to expand the home " "directory path for each client machine (or operating system). It can be set " "per-domain or globally in the [nss] section. A value specified in a domain " "section will override one set in the [nss] section." msgstr "" #. type: Content of: <varlistentry><listitem><para> #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "Par défaut : /home" #. type: Content of: <refsect1><title> #: include/ad_modified_defaults.xml:2 include/ipa_modified_defaults.xml:2 msgid "MODIFIED DEFAULT OPTIONS" msgstr "" #. type: Content of: <refsect1><para> #: include/ad_modified_defaults.xml:4 msgid "" "Certain option defaults do not match their respective backend provider " "defaults, these option names and AD provider-specific defaults are listed " "below:" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:9 include/ipa_modified_defaults.xml:9 msgid "KRB5 Provider" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:13 include/ipa_modified_defaults.xml:13 msgid "krb5_validate = true" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:18 msgid "krb5_use_enterprise_principal = true" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:24 msgid "LDAP Provider" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:28 msgid "ldap_schema = ad" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:33 include/ipa_modified_defaults.xml:38 msgid "ldap_force_upper_case_realm = true" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:38 msgid "ldap_id_mapping = true" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 msgid "ldap_sasl_mech = gssapi" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 msgid "ldap_referrals = false" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:53 msgid "ldap_account_expire_policy = ad" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:58 include/ipa_modified_defaults.xml:58 msgid "ldap_use_tokengroups = true" msgstr "" #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" "Certain option defaults do not match their respective backend provider " "defaults, these option names and IPA provider-specific defaults are listed " "below:" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:18 msgid "krb5_use_fast = try" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:23 msgid "krb5_canonicalize = true" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ipa_modified_defaults.xml:29 msgid "LDAP Provider - General" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:33 msgid "ldap_schema = ipa_v1" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:43 msgid "ldap_sasl_mech = GSSAPI" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:48 msgid "ldap_sasl_minssf = 56" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:53 msgid "ldap_account_expire_policy = ipa" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ipa_modified_defaults.xml:64 msgid "LDAP Provider - User options" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:68 msgid "ldap_user_member_of = memberOf" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:73 msgid "ldap_user_uuid = ipaUniqueID" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:78 msgid "ldap_user_ssh_public_key = ipaSshPubKey" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:83 msgid "ldap_user_auth_type = ipaUserAuthType" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ipa_modified_defaults.xml:89 msgid "LDAP Provider - Group options" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:93 msgid "ldap_group_object_class = ipaUserGroup" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:98 msgid "ldap_group_object_class_alt = posixGroup" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:103 msgid "ldap_group_member = member" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:108 msgid "ldap_group_uuid = ipaUniqueID" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:113 msgid "ldap_group_objectsid = ipaNTSecurityIdentifier" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" #~ msgid "" #~ "<command>sss_debuglevel</command> changes debug level of SSSD monitor and " #~ "providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " #~ "running." #~ msgstr "" #~ "<command>sss_debuglevel</command> positionne le niveau de débogage du " #~ "moniteur et des fournisseurs SSSD à <replaceable>NEW_DEBUG_LEVEL</" #~ "replaceable> pendant l'exécution de SSSD." #~ msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" #~ msgstr "<replaceable>NEW_DEBUG

# SOME DESCRIPTIVE TITLE # Copyright (C) YEAR Red Hat # This file is distributed under the same license as the sssd-docs package. # # Translators: # Fabien Archambault , 2012 # Jérôme Fenal , 2012-2014 # jhrozek , 2014 # Fabien Archambault , 2012 # sgallagh , 2012 # sgallagh , 2012 # Jérôme Fenal , 2015. #zanata # Jean-Baptiste Holcroft , 2016. #zanata # Jérôme Fenal , 2016. #zanata msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.15.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" "POT-Creation-Date: 2017-10-20 16:15+0200\n" "PO-Revision-Date: 2016-03-19 03:04-0400\n" "Last-Translator: Jean-Baptiste Holcroft \n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" "fr/)\n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" "X-Generator: Zanata 3.9.6\n" #. type: Content of: #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sss-certmap.5.xml:5 #: sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 #: sss_obfuscate.8.xml:5 sss_override.8.xml:5 sss_useradd.8.xml:5 #: sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 #: sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 #: sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sssd-ifp.5.xml:5 #: sss_rpcidmapd.5.xml:5 sss_ssh_authorizedkeys.1.xml:5 #: sss_ssh_knownhostsproxy.1.xml:5 idmap_sss.8.xml:5 sssctl.8.xml:5 #: sssd-files.5.xml:5 sssd-secrets.5.xml:5 sssd-session-recording.5.xml:5 #: sssd-kcm.8.xml:5 sssd-systemtap.5.xml:5 msgid "SSSD Manual pages" msgstr "Pages de manuel de SSSD" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 msgid "sss_groupmod" msgstr "sss_groupmod" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sss_groupmod.8.xml:11 pam_sss.8.xml:12 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_override.8.xml:11 #: sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 #: sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 #: sss_cache.8.xml:11 sss_debuglevel.8.xml:11 sss_seed.8.xml:11 #: idmap_sss.8.xml:11 sssctl.8.xml:11 sssd-kcm.8.xml:11 msgid "8" msgstr "8" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupmod.8.xml:16 msgid "modify a group" msgstr "modifier un groupe" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupmod.8.xml:21 msgid "" "<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" "<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><title> #: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:57 #: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sss-certmap.5.xml:21 #: sssd-ipa.5.xml:21 sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 #: sss_obfuscate.8.xml:30 sss_override.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 #: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_seed.8.xml:31 #: sssd-ifp.5.xml:21 sss_ssh_authorizedkeys.1.xml:30 #: sss_ssh_knownhostsproxy.1.xml:31 idmap_sss.8.xml:20 sssctl.8.xml:30 #: sssd-files.5.xml:21 sssd-secrets.5.xml:21 sssd-session-recording.5.xml:21 #: sssd-kcm.8.xml:21 sssd-systemtap.5.xml:21 msgid "DESCRIPTION" msgstr "DESCRIPTION" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupmod.8.xml:32 msgid "" "<command>sss_groupmod</command> modifies the group to reflect the changes " "that are specified on the command line." msgstr "" "<command>sss_groupmod</command> modifie le groupe pour refléter les " "changements spécifiés sur la ligne de commande." #. type: Content of: <reference><refentry><refsect1><title> #: sss_groupmod.8.xml:39 pam_sss.8.xml:64 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 #: sss_cache.8.xml:39 sss_seed.8.xml:42 sss_ssh_authorizedkeys.1.xml:66 #: sss_ssh_knownhostsproxy.1.xml:62 msgid "OPTIONS" msgstr "OPTIONS" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 msgid "" "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" "replaceable>" msgstr "" "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupmod.8.xml:48 msgid "" "Append this group to groups specified by the <replaceable>GROUPS</" "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " "a comma separated list of group names." msgstr "" "Ajouter ce groupe aux groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>. Le paramètre <replaceable>GROUPS</" "replaceable> est une liste séparée par des virgules de noms de groupe." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 msgid "" "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" "replaceable>" msgstr "" "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupmod.8.xml:62 msgid "" "Remove this group from groups specified by the <replaceable>GROUPS</" "replaceable> parameter." msgstr "" "Supprime ce groupe des groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.conf.5.xml:10 sssd.conf.5.xml:16 msgid "sssd.conf" msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sss-certmap.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 #: sssd-krb5.5.xml:11 sssd-ifp.5.xml:11 sss_rpcidmapd.5.xml:27 #: sssd-files.5.xml:11 sssd-secrets.5.xml:11 sssd-session-recording.5.xml:11 #: sssd-systemtap.5.xml:11 msgid "5" msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sss-certmap.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 #: sssd-krb5.5.xml:12 sssd-ifp.5.xml:12 sss_rpcidmapd.5.xml:28 #: sssd-files.5.xml:12 sssd-secrets.5.xml:12 sssd-session-recording.5.xml:12 #: sssd-kcm.8.xml:12 sssd-systemtap.5.xml:12 msgid "File Formats and Conventions" msgstr "Formats de fichier et conventions" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd.conf.5.xml:17 msgid "the configuration file for SSSD" msgstr "Le fichier de configuration pour SSSD" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:21 msgid "FILE FORMAT" msgstr "FORMAT DE FICHIER" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:29 #, no-wrap msgid "" "<replaceable>[section]</replaceable>\n" "<replaceable>key</replaceable> = <replaceable>value</replaceable>\n" "<replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" " " msgstr "" "<replaceable>[section]</replaceable>\n" "<replaceable>key</replaceable> = <replaceable>value</replaceable>\n" "<replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" " " #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:24 msgid "" "The file has an ini-style syntax and consists of sections and parameters. A " "section begins with the name of the section in square brackets and continues " "until the next section begins. An example of section with single and multi-" "valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" "Ce fichier utilise la syntaxe de style « .ini » et est constituée de " "sections et de paramètres. Une section commence par le nom de la section " "entre crochets et continue jusqu'à la section suivante. Un exemple de " "section avec des paramètres mono et multi-valués : <placeholder type=" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:36 msgid "" "The data types used are string (no quotes needed), integer and bool (with " "values of <quote>TRUE/FALSE</quote>)." msgstr "" "Les types de données utilisées sont des chaînes (pas de guillemets " "nécessaires), des entiers et des booléens (ayant pour valeur <quote>TRUE/" "FALSE</quote>)." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 msgid "" "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>). Inline comments are not supported." msgstr "" "Un commentaire de ligne commence par un octothorpe (<quote>#</quote>) ou un " "point-virgule (<quote>;</quote>). Les commentaires au sein d'une ligne ne " "sont pas pris en charge." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:47 msgid "" "All sections can have an optional <replaceable>description</replaceable> " "parameter. Its function is only as a label for the section." msgstr "" "Toutes les sections peuvent avoir un paramètre facultatif de " "<replaceable>description</replaceable>. Sa fonction ne sert qu'à nommer la " "section." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:53 msgid "" "<filename>sssd.conf</filename> must be a regular file, owned by root and " "only root may read from or write to the file." msgstr "" "<filename>sssd.conf</filename> doit être un fichier normal, appartenant à " "root, et seul root doit pouvoir écrire et lire ce fichier." #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:59 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:62 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" "filename>. This feature is available if SSSD was compiled with libini " "version 1.3.0 or later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:69 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " "(<quote>.</quote>) will be used together with <filename>sssd.conf</filename> " "to configure SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:77 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " "<filename>sssd.conf</filename> when conflicts occur. If several snippets are " "present in <filename>conf.d</filename>, then they are included in " "alphabetical order (based on locale). Files included later have higher " "priority. Numerical prefixes (<filename>01_snippet.conf</filename>, " "<filename>02_snippet.conf</filename> etc.) can help visualize the priority " "(higher number means higher priority)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:91 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>. Which are by default root:root and 0600." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:98 msgid "GENERAL OPTIONS" msgstr "OPTIONS GÉNÉRALES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:100 msgid "Following options are usable in more than one configuration sections." msgstr "" "Les options qui suivent peuvent être utilisées dans plus d'une section de " "configuration." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:104 msgid "Options usable in all sections" msgstr "Options utilisables dans toutes les sections" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:108 msgid "debug_level (integer)" msgstr "debug_level (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:112 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:115 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " "are specified, the value of <replaceable>debug_level</replaceable> will be " "used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:125 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:128 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" "Ajoute un horodatage aux messages de débogage. Si journald est activé pour " "la journalisation de débogage de SSSD, cette option sera ignorée." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:837 #: sssd.conf.5.xml:1467 sssd-ldap.5.xml:1722 sssd-ldap.5.xml:1819 #: sssd-ldap.5.xml:1881 sssd-ldap.5.xml:2447 sssd-ldap.5.xml:2512 #: sssd-ldap.5.xml:2530 sssd-ad.5.xml:211 sssd-ad.5.xml:325 sssd-ad.5.xml:862 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Par défaut : true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:138 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:141 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" "Ajouter les microsecondes à l'horodatage dans les messages de débogage. Si " "journald est activé pour la journalisation de débogage de SSSD, cette option " "sera ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:721 #: sssd.conf.5.xml:1400 sssd.conf.5.xml:2865 sssd-ldap.5.xml:708 #: sssd-ldap.5.xml:1596 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1791 #: sssd-ldap.5.xml:2217 sssd-ipa.5.xml:145 sssd-ipa.5.xml:232 #: sssd-ipa.5.xml:540 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2255 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:155 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Options utilisables dans les sections SERVICE et DOMAIN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:159 msgid "timeout (integer)" msgstr "timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:162 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " "that after three missed heartbeats the process will terminate itself." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:169 sssd.conf.5.xml:1352 sssd.conf.5.xml:2881 #: sssd-ldap.5.xml:1467 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Par défaut : 10" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:179 msgid "SPECIAL SECTIONS" msgstr "SECTIONS SPÉCIALES" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:182 msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> #: sssd.conf.5.xml:191 sssd.conf.5.xml:2970 msgid "Section parameters" msgstr "Paramètres de sections" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:193 msgid "config_file_version (integer)" msgstr "config_file_version (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:196 msgid "" "Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " "version 2." msgstr "" "Indique la syntaxe du fichier de configuration. Pour SSSD 0.6.0 ou " "supérieure utiliser la version 2." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:202 msgid "services" msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:205 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " "platforms where systemd is supported, as they will either be socket or dbus " "activated when needed. </phrase>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:214 msgid "" "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> " "<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition=" "\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</" "phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" msgstr "" "Les services pris en charge : nss, pam <phrase condition=\"with_sudo\">, " "sudo</phrase> <phrase condition=\"with_autofs\"> ,autofs</phrase> <phrase " "condition=\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder" "\">, pac</phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:222 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " "\"systemctl enable sssd-@service@.socket\". </phrase>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:231 sssd.conf.5.xml:613 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:234 sssd.conf.5.xml:616 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" "Nombre d'essais de reconnection ou de redémarrage que les services doivent " "effectuer dans le cas d'un plantage du fournisseur de données avant " "d'abandonner" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:239 sssd.conf.5.xml:621 msgid "Default: 3" msgstr "Par défaut : 3" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:244 msgid "domains" msgstr "domaines" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:247 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " "start. This parameter describes the list of domains in the order you want " "them to be queried. A domain name should only consist of alphanumeric ASCII " "characters, dashes, dots and underscores." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:259 sssd.conf.5.xml:2508 msgid "re_expression (string)" msgstr "re_expression (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:262 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" "L'expression régulière par défaut qui décrit la manière d'analyser la chaîne " "contenant le nom d'utilisateur et de domaine dans ces composants." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:267 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " "for more info on these regular expressions." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:276 sssd.conf.5.xml:2559 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:279 sssd.conf.5.xml:2562 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " "fully qualified name from user name and domain name components." msgstr "" "Un format compatible avec<citerefentry> <refentrytitle>printf</" "refentrytitle> <manvolnum>3</manvolnum> </citerefentry> décrivant comment " "composer un domaine pleinement qualifé à partir des noms d'utilisateur et de " "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:290 sssd.conf.5.xml:2573 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:291 sssd.conf.5.xml:2574 msgid "user name" msgstr "nom d'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:294 sssd.conf.5.xml:2577 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:297 sssd.conf.5.xml:2580 msgid "domain name as specified in the SSSD config file." msgstr "" "nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:303 sssd.conf.5.xml:2586 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:306 sssd.conf.5.xml:2589 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" "nom de domaine à plat. Utilisable principalement pour les domaines Active " "Directory, configurés directement ou découverts via les relations " "d'approbation IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:287 sssd.conf.5.xml:2570 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" "Les expansions suivantes sont prises en charge : <placeholder type=" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" "Each domain can have an individual format string configured. see DOMAIN " "SECTIONS for more info on this option." msgstr "" "Chaque domaine peut avoir une chaîne de format individuelle configurée. " "Voir les SECTIONS DOMAINE pour plus d'informations sur cette option." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 msgid "try_inotify (boolean)" msgstr "try_inotify (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 msgid "" "SSSD monitors the state of resolv.conf to identify when it needs to update " "its internal DNS resolver. By default, we will attempt to use inotify for " "this, and will fall back to polling resolv.conf every five seconds if " "inotify cannot be used." msgstr "" "SSSD gère l'état de resolv.conf pour identifier les besoins de mise à jour " "des résolutions DNS internes. Par défaut, l'utilisation de inotify sera " "tentée, et reviendra à une interrogation de resolv.conf toutes les cinq " "secondes si inotify échoue." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:333 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " "to 'false'" msgstr "" "Il existe quelques cas spécifiques où l'utilisation de inotify n'est pas " "conseillée. Dans ces rares cas, cette option devrait être définie à « false »" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:339 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" "Par défaut : true sur les plates-formes où inotify est pris en charge. False " "sur les autres plates-formes." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:343 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" "Note : cette option n'aura aucun effet sur les plateformes où inotify n'est " "pas disponible. Sur celles-ci, l'interrogation régulière sera toujours " "utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:350 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:353 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" "Répertoire du système de fichiers où SSSD doit stocker les fichiers de cache " "de rejeu Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:357 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" "Cette option accepte une valeur spéciale __LIBKRB5_DEFAULTS__ qui indiquera " "à SSSD de laisser libkrb5 décider l'emplacement approprié pour le cache de " "relecture." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:363 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" "Par défaut : paramètre spécifique à la distribution et spécifié au moment de " "la construction du logiciel. (__LIBKRB5_DEFAULTS__ si non configuré)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:370 msgid "user (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:373 msgid "" "The user to drop the privileges to where appropriate to avoid running as the " "root user. <phrase condition=\"have_systemd\"> This option does not work " "when running socket-activated services, as the user set up to run the " "processes is set up during compilation time. The way to override the " "systemd unit files is by creating the appropriate files in /etc/systemd/" "system/. Keep in mind that any change in the socket user, group or " "permissions may result in a non-usable SSSD. The same may occur in case of " "changes of the user running the NSS responder. </phrase>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:391 msgid "Default: not set, process will run as root" msgstr "Par défaut : non défini, le processus tourne en tant que root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:396 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:399 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " "domain is intended for managing host policies and all users are located in a " "trusted domain. The option allows those users to log in just with their " "user name without giving a domain name as well." msgstr "" "Cette chaîne servira comme nom de domaine par défaut pour tous les noms sans " "composant de nom de domaine. Les principaux cas d'utilisation sont les " "environnements où le domaine principal va permettre de gérer les politiques " "de systèmes ainsi que tous les utilisateur provenant d'un domaine approuvé. " "L'option permet à ces utilisateurs de se connecter sans fournir un nom de " "domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:409 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " "Setting this option changes default of use_fully_qualified_names to True. It " "is not allowed to use this option together with use_fully_qualified_names " "set to False." msgstr "" "Noter que, si cette option est définie, tous les utilisateurs du domaine " "principal doivent utiliser leur nom pleinement qualifié, par exemple " "user@domain.name, pour se connecter. L'utilisation de cette option modifie " "la valeur par défaut de use_fully_qualified_names à True. Il n'est pas " "possible ni autorisé d'utiliser cette option avec l'option " "use_fully_qualified_names à False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:418 sssd.conf.5.xml:1156 sssd-ldap.5.xml:679 #: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1567 sssd-ldap.5.xml:1649 #: sssd-ad.5.xml:667 sssd-ad.5.xml:742 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 #: include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "Par défaut : non défini" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:423 msgid "override_space (string)" msgstr "override_space (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:426 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " ""john_doe" This feature was added to help compatibility with shell " "scripts that have difficulty handling spaces, due to the default field " "separator in the shell." msgstr "" "Ce paramètre remplace les espaces avec le caractère indiqués pour les noms " "d'utilisateurs et de groupes, par ex. (_). Ainsi, le nom "john " "doe" deviendra "john_doe". Cette fonctionnalité a été ajoutée " "pour aider à la compatibilité avec les scripts shells qui ont des " "difficultés à gérer les espaces, du fait que l'espace est le séparateur par " "défaut de l'interpréteur de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:435 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " "character SSSD tries to return the unmodified name but in general the result " "of a lookup is undefined." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:443 msgid "Default: not set (spaces will not be replaced)" msgstr "Par défaut : non défini (les espaces ne seront pas remplacées)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:448 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:456 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:458 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " "the client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:466 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:468 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:474 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:476 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " "default responder e.g. http://example.com:80/ocsp." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:482 msgid "" "This option must be used together with ocsp_default_responder_signing_cert." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:490 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:492 msgid "" "The nickname of the cert to trust (expected) to sign the OCSP responses. " "The certificate with the given nickname must be available in the systems NSS " "database." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:497 msgid "This option must be used together with ocsp_default_responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:504 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:507 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:513 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:516 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:521 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:526 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:531 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:534 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:548 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:551 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " "domains as the missing domains will be looked up based on the order they're " "presented in the <quote>domains</quote> configuration option. The " "subdomains which are not listed as part of <quote>lookup_order</quote> will " "be looked up in a random order for each parent domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:563 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input. In case " "the administrator wants the output not fully-qualified, the full_name_format " "option can be used as shown below: <quote>full_name_format=%1$s</quote> " "However, keep in mind that during login, login applications often " "canonicalize the username by calling <citerefentry> <refentrytitle>getpwnam</" "refentrytitle> <manvolnum>3</manvolnum> </citerefentry> which, if a " "shortname is returned for a qualified input (while trying to reach a user " "which exists in multiple domains) might re-route the login attempt into the " "domain which users shortnames, making this workaround totally not " "recommended in cases where usernames may overlap between domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:587 sssd.conf.5.xml:1364 sssd.conf.5.xml:2931 #: sssd-ad.5.xml:148 sssd-ad.5.xml:286 sssd-ad.5.xml:300 msgid "Default: Not set" msgstr "Par défaut : non défini" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:184 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " "managed by a special service frequently called <quote>monitor</quote>. The " "<quote>[sssd]</quote> section is used to configure the monitor as well as " "some other important options like the identity domains. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" "Les fonctionnalités propres à SSSD sont fournies par des services " "spécifiques SSSD, qui sont démarrés et arrêtés en même temps que SSSD. Les " "services sont gérés par un service spécifique souvent appelé le " "<quote>moniteur</quote>. La section <quote>[sssd]</quote> est utilisée pour " "configurer le moniteur ainsi que certaines options importantes comme " "l'identité des domaines. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:598 msgid "SERVICES SECTIONS" msgstr "SECTIONS DE SERVICES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:600 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " "section, for example, for NSS service, the section would be <quote>[nss]</" "quote>" msgstr "" "Les options utilisables pour configurer les différents services sont " "décrites dans cette section. Ils doivent être situés dans la section " "[<replaceable>$NAME</replaceable>], par exemple pour le service NSS, la " "section doit être <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:607 msgid "General service configuration options" msgstr "Options générales de configuration de service" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:609 msgid "These options can be used to configure any service." msgstr "Ces options peuvent être utilisées pour configurer les services." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:626 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:629 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " "the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " "systems without this capability, the resulting value will be the lower value " "of this or the limits.conf \"hard\" limit." msgstr "" "Cette option spécifie le nombre maximal de descripteurs de fichiers qui " "peuvent être ouverts en même temps par ce processus SSSD. Sur les systèmes " "où SSSD se voit accorder la capacité CAP_SYS_RESOURCE, ce sera une limite " "absolue. Sur les systèmes sans cette capacité, la valeur résultante sera la " "valeur inférieure ou la limite « hard » de limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:638 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Par défault : 8192 (ou la limite « hard » de limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:643 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:646 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system. The timeout " "can't be shorter than 10 seconds. If a lower value is configured, it will be " "adjusted to 10 seconds." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:655 sssd.conf.5.xml:687 sssd.conf.5.xml:968 #: sssd.conf.5.xml:1222 sssd-ldap.5.xml:1294 msgid "Default: 60" msgstr "Par défaut : 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:660 msgid "offline_timeout (integer)" msgstr "offline_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:663 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. This " "value is in seconds and calculated by the following:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:670 msgid "offline_timeout + random_offset" msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:673 msgid "" "The random offset can increment up to 30 seconds. After each unsuccessful " "attempt to go online, the new interval is recalculated by the following:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:678 msgid "new_interval = old_interval*2 + random_offset" msgstr "new_interval = old_interval*2 + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:681 msgid "" "Note that the maximum length of each interval is currently limited to one " "hour. If the calculated length of new_interval is greater than an hour, it " "will be forced to one hour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:692 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:695 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " "resource exhaustion on the system. The minimum acceptable value for this " "option is 60 seconds. Setting this option to 0 (zero) means that no timeout " "will be set up to the responder. This option only has effect when SSSD is " "built with systemd support and when services are either socket or dbus " "activated." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:709 sssd.conf.5.xml:980 sssd.conf.5.xml:1559 #: sssd-ldap.5.xml:722 msgid "Default: 300" msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:714 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:717 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:729 msgid "NSS configuration options" msgstr "Options de configuration NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:731 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" "Ces options peuvent être utilisées pour configurer le service Name Service " "Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:736 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:739 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" "La durée en secondes pendant laquelle nss_sss doit mettre en cache les " "énumérations (requêtes sur les informations de tous les utilisateurs)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:743 msgid "Default: 120" msgstr "Par défaut : 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:748 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:751 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " "for the domain." msgstr "" "La valeur du cache peut être définie pour mettre à jour automatiquement les " "entrées en arrière plan si la requête ne dépasse pas un pourcentage de la " "valeur de entry_cache_timeout pour le domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:757 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " "after 15 seconds past the last cache update will be returned immediately, " "but the SSSD will go and update the cache on its own, so that future " "requests will not need to block waiting for a cache update." msgstr "" "Par exemple, si la valeur entry_cache_timeout du domaine est à 30 secondes " "et que entry_cache_nowait_percentage est à 50 (%), les entrées qui veulent " "mettre à jour le cache après 15 secondes seront renvoyées immédiatement, " "mais SSSD continuera et mettra à jour le cache de lui-même. Ainsi, les " "prochaines requêtes ne seront pas bloquées en attendant une mise à jour du " "cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:767 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " "percentage will never reduce the nowait timeout to less than 10 seconds. (0 " "disables this feature)" msgstr "" "Les valeurs autorisées pour cette option vont de 0 à 99 et représentent un " "pourcentage de la valeur entry_cache_timeout pour chaque domaine. Pour des " "raisons de performance, ce pourcentage ne réduira jamais le délai d'attente " "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:775 sssd.conf.5.xml:1421 msgid "Default: 50" msgstr "Par défaut : 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:780 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:783 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " "before asking the back end again." msgstr "" "Spécifie le temps, en secondes, pendant lequel nss_sss doit mettre en cache " "les résultats négatifs du cache (c'est-à-dire les requêtes pour les bases de " "données invalides, comme celles qui n'existent pas) avant de faire à nouveau " "appel au moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:789 sssd.conf.5.xml:1445 msgid "Default: 15" msgstr "Par défaut : 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:794 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:797 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:802 sssd.conf.5.xml:1210 sssd.conf.5.xml:2815 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:807 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:810 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " "from the particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:817 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " "NSS. E.g. a group having a member group filtered out will still have the " "member users of the latter listed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:825 msgid "Default: root" msgstr "Par défaut : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:830 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:833 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" "Mettre cette option à « false » si les utilisateurs filtrés doivent rester " "membres de groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:844 msgid "fallback_homedir (string)" msgstr "fallback_homedir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:847 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" "Définir un modèle par défaut pour un répertoire utilisateur si aucun n'est " "explicitement spécifié par le fournisseur de données du domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:852 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" "Les valeurs disponibles pour cette option sont les mêmes que pour " "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> #: sssd.conf.5.xml:858 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" " " msgstr "" "fallback_homedir = /home/%u\n" " " #. type: Content of: <varlistentry><listitem><para> #: sssd.conf.5.xml:856 sssd.conf.5.xml:1289 sssd.conf.5.xml:1308 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:862 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Par défaut : non défini (aucune substitution pour les répertoires d'accueil " "non définis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:868 msgid "override_shell (string)" msgstr "override_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:871 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " "or per-domain." msgstr "" "Écrase l'interpréteur de commande à utiliser pour tous les utilisateurs. " "Cette option prend le pas sur toutes les autres options d'interpréteur de " "commande si elle est en action, et peut être indiquée au choix soit dans la " "section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:877 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:883 msgid "allowed_shells (string)" msgstr "allowed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:886 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" "Restreindre l'interpréteur de commandes de l'utilisateur à l'une des valeurs " "indiquées. L'ordre d'évaluation est :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:889 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</" "quote>, il est utilisé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:893 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" "2. Si l'interpréteur de commandes est dans la liste « allowed_shells » mais " "n'est pas dans <quote>/etc/shells</quote>, la valeur de repli de « " "shell_fallback » sera utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:898 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" "3. Si l'interpréteur de commandes n'est ni dans la liste « allowed_shells » " "ni dans <quote>/etc/shells</quote>, une connexion sans shell est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:903 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:906 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " "allowed shells in allowed_shells would be to much overhead." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:913 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Une chaîne vide pour l'interpréteur de commandes est passée telle quelle est " "à la libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:916 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" "Le fichier <quote>/etc/shells</quote> n'est lu qu'au démarrage de SSSD. Un " "redémarrage de SSSD est nécessaire si un nouvel interpréteur de commandes " "est installé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:920 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est " "utilisé automatiquement." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:925 msgid "vetoed_shells (string)" msgstr "vetoed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:928 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" "Remplace toutes les occurences de ces interpréteurs de commandes par " "l'interpréteur de commandes par défaut" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:933 msgid "shell_fallback (string)" msgstr "shell_fallback (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:936 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" "L'interpréteur de commandes par défaut à utiliser si un interpréteur de " "commandes autorisé n'est pas installé sur la machine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:940 msgid "Default: /bin/sh" msgstr "Par défaut : /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:945 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:948 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" "L'interpréteur de commande par défaut à utiliser si le fournisseur n'en " "renvoie pas un lors de la recherche. Cette option peut être indiquée au " "choix soit dans la section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:954 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" "Par défaut : non défini (retourne NULL si aucun shell n'est spécifié et " "s'appuyer sur la libc pour remplacer par quelque chose de sensé lorsque " "nécessaire, habituellement /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:961 sssd.conf.5.xml:1215 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:964 sssd.conf.5.xml:1218 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" "Spécifie la durée en secondes pendant laquelle la liste de sous-domaines est " "jugée valide." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:973 msgid "memcache_timeout (int)" msgstr "memcache_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:976 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:983 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:991 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:994 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " "attributes is controlled by this option. It is handled the same way as the " "<quote>user_attributes</quote> option of the InfoPipe responder (see " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for details) but with no default values." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1007 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1012 msgid "Default: not set, fallback to InfoPipe option" msgstr "Par défaut : non défini, repli sur l'option InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1017 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1020 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> #: sssd.conf.5.xml:1025 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Cette option peut aussi être définie pour chaque domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1028 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1036 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1038 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" "Ces options permettent de configurer le service Pluggable Authentication " "Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1043 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1046 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" "Si le fournisseur d'authentification est déconnecté, combien de temps " "autoriser les connexions à partir du cache (en jours depuis la dernière " "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1051 sssd.conf.5.xml:1064 msgid "Default: 0 (No limit)" msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1057 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1060 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" "Si le fournisseur d'authentification est déconnecté, combien de connexions " "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1070 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1073 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" "Le temps en minutes à attendre après avoir atteint " "offline_failed_login_attempts avant qu'une nouvelle tentative de connexion " "soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1078 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " "authentication can enable offline authentication again." msgstr "" "Si la valeur est à 0, l'utilisateur ne peut s'authentifier en mode " "déconnecté si offline_failed_login_attempts est atteint. Seulement une " "connexion réussie en ligne peut réactiver l'authentification." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1084 sssd.conf.5.xml:1182 msgid "Default: 5" msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1090 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1093 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" "Contrôle le type de messages affichés à l'utilisateur pendant le processus " "d'authentification. Plus le nombre est grand, plus le nombre de messages " "affichés sera important." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1098 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1101 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1104 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1108 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1111 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1115 sssd.8.xml:63 msgid "Default: 1" msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1121 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1124 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " "responses sent to pam_sss e.g. messages displayed to the user or environment " "variables which should be set by pam_sss." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1132 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1139 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1140 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1143 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1144 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1148 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1149 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1137 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1159 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1165 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1168 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " "ensure that authentication takes place with the latest information." msgstr "" "Lors de chaque requête PAM quand SSSD est en mode connecté, SSSD tentera de " "mettre à jour immédiatement les informations d'identité mises en cache pour " "l'utilisateur de manière à s'assurer que l'authentification se fasse avec " "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1174 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" "client-application basis) how long (in seconds) we can cache the identity " "information to avoid excessive round-trips to the identity provider." msgstr "" "Une conversation PAM complète peut effectuer plusieurs requêtes PAM, comme " "la gestion de compte et l'ouverture de session. Cette option contrôle (par " "client et par application) la durée (en secondes) de mise en cache des " "informations d'identité afin d'éviter de nombreux aller-retour avec le " "fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1188 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1191 sssd.conf.5.xml:2010 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant l'expiration du mot de passe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1194 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " "cannot display a warning." msgstr "" "Noter que le moteur du service doit fournir des informations à propos du " "délai d'expiration du mot de passe. Si cette information est manquante, sssd " "ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1200 sssd.conf.5.xml:2013 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" "Si la valeur est zéro, ce filtre n'est pas appliqué, c'est-à-dire que si " "l'avertissement d'expiration est reçu de la part du moteur du serveur, il " "sera automatiquement affiché." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1205 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" "Ce paramètre peut être surchargé par le paramètre " "<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1227 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1230 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " "included in this list can only access domains marked as public with " "<quote>pam_public_domains</quote>. User names are resolved to UIDs at " "startup." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1240 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1244 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1251 msgid "pam_public_domains (string)" msgstr "pam_public_domains (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1254 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1258 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Deux valeurs spéciales pour l'option pam_public_domains sont définies :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1262 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" "all (tous les utilisateurs non dignes de confiance sont autorisés à accéder " "à tous les domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1266 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" "none (les utilisateurs non dignes de confiance, Untrusted, ne sont pas " "autorisés à accéder à un des domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1270 sssd.conf.5.xml:1295 sssd.conf.5.xml:1314 #: sssd.conf.5.xml:1807 sssd.conf.5.xml:2751 sssd-ldap.5.xml:1850 msgid "Default: none" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1275 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1278 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1283 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> #: sssd.conf.5.xml:1291 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1300 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1303 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> #: sssd.conf.5.xml:1310 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1319 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1322 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " "authentication process this option is disabled by default." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1328 sssd-ldap.5.xml:1078 sssd-ldap.5.xml:1105 #: sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1417 sssd-ldap.5.xml:1923 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Par défaut : False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1333 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1336 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1340 msgid "Default: /etc/pki/nssdb (NSS version)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1345 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1348 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1357 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1360 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1373 msgid "SUDO configuration options" msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1375 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to work with " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry> are in the manual page <citerefentry> <refentrytitle>sssd-" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" "Ces options peuvent être utilisées pour configurer le service sudo. Les " "directives de configuration de <citerefentry> <refentrytitle>sudo</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> dans <citerefentry> " "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " "sont détaillées dans la page de manuel <citerefentry> <refentrytitle>sssd-" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1392 msgid "sudo_timed (bool)" msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1395 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" "Évaluation ou non des attributs sudoNotBefore et sudoNotAfter qui utilisent " "les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1407 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "sudo_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1410 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " "<quote>rules refresh</quote> mechanism. If the threshold is exceeded a " "<quote>full refresh</quote> of sudo rules is triggered instead. This " "threshold number also applies to IPA sudo command and command group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1429 msgid "AUTOFS configuration options" msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1431 msgid "These options can be used to configure the autofs service." msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1435 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1438 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" "Spécifie le délai en secondes pendant lequel le répondeur autofs stocke les " "réponses négatives (autrement dit, les requêtes pour les entrées de mappage " "non valide, comme celles qui n'existent pas) avant de demander à nouveau au " "moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1454 msgid "SSH configuration options" msgstr "Options de configuration SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1456 msgid "These options can be used to configure the SSH service." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le service SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1460 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1463 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1472 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1475 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" "La durée en secondes pendant laquelle conserver un système dans le fichier " "known_hosts géré après que ses clés de système ont été demandés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1479 msgid "Default: 180" msgstr "Par défaut : 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1484 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1487 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1492 msgid "Default: /etc/pki/nssdb" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1500 msgid "PAC responder configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1502 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " "PAC data during a GSSAPI authentication to the PAC responder. The sub-domain " "provider collects domain SID and ID ranges of the domain the client is " "joined to and of remote trusted domains from the local domain controller. If " "the PAC is decoded and evaluated some of the following operations are done:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:1511 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " "GID will have the same value as the UID. The home directory is set based on " "the subdomain_homedir parameter. The shell will be empty by default, i.e. " "the system defaults are used, but can be overwritten with the default_shell " "parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:1519 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" "S'il y a des SID de groupes des domaines connus de sssd, l'utilisateur sera " "ajouté à ces groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1525 msgid "These options can be used to configure the PAC responder." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:1529 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1532 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " "startup." msgstr "" "Spécifie la liste séparée par des virgules des UID ou noms d'utilisateurs " "qui sont autorisés à accéder au répondeur PAC. Les noms d'utilisateurs " "seront résolus en UID au démarrage." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1538 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur " "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1542 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " "access the PAC responder, which would be the typical case, you have to add 0 " "to the list of allowed UIDs as well." msgstr "" "Noter que bien que l'UID 0 est utilisé par défaut, il sera remplacé par " "cette option. Si vous voulez continuer à permettre à l'utilisateur root à " "accéder au répondeur PAC, ce qui serait un cas habituel, vous devez ajouter " "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:1551 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1554 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:1567 #, fuzzy #| msgid "PAC responder configuration options" msgid "Session recording configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1569 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the AD provider for " #| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" #| "manvolnum> </citerefentry>. For a detailed syntax reference, refer to " #| "the <quote>FILE FORMAT</quote> section of the <citerefentry> " #| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" #| "citerefentry> manual page." msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry>, a part of tlog package, to log what users see and type when " "they log in on a text terminal. See also <citerefentry> <refentrytitle>sssd-" "session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" "Cette page de manuel décrit la configuration du fournisseur AD pour " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. Pour une référence détaillée sur la syntaxe, cf. la section " "<quote>FORMAT DE FICHIER</quote> de la page de manuel <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:1582 #, fuzzy #| msgid "These options can be used to configure any service." msgid "These options can be used to configure session recording." msgstr "Ces options peuvent être utilisées pour configurer les services." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:1586 sssd-session-recording.5.xml:64 #, fuzzy #| msgid "user (string)" msgid "scope (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1593 sssd-session-recording.5.xml:71 #, fuzzy #| msgid "none" msgid "\"none\"" msgstr "none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1596 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1601 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1604 sssd-session-recording.5.xml:82 #, fuzzy #| msgid "" #| "Append this user to groups specified by the <replaceable>GROUPS</" #| "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter " #| "is a comma separated list of group names." msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" "Ajouter cet utilisateur aux groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>. Le paramètre <replaceable>GROUPS</" "replaceable> est une liste séparée par des virgules de noms de groupes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1613 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1616 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1589 sssd-session-recording.5.xml:67 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder type=\"variablelist" #| "\" id=\"0\"/>" msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Les expansions suivantes sont prises en charge : <placeholder type=" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1623 sssd-session-recording.5.xml:101 #, fuzzy #| msgid "Default: none" msgid "Default: \"none\"" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:1628 sssd-session-recording.5.xml:106 #, fuzzy #| msgid "user (string)" msgid "users (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1631 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " "replacement, case changes, etc." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1637 sssd-session-recording.5.xml:115 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. Matches no users." msgstr "Par défaut : vide, ldap_uri est donc utilisé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:1642 sssd-session-recording.5.xml:120 #, fuzzy #| msgid "user (string)" msgid "groups (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1645 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " "possible space replacement, case changes, etc." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1651 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " "retrieving and matching the groups the user is member of." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:1668 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1675 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1678 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " "be present or generated. Only objects from POSIX domains are available to " "the operating system interfaces and utilities." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1686 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1690 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>) and the PAM responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1698 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1702 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1706 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1712 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1715 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" "Limites UID et GID pour le domaine. Si un domaine contient une entrée en " "dehors de ces limites, elle est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1720 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" "primary group memberships, those that are in range will be reported as " "expected." msgstr "" "Pour les utilisateurs, cela affecte la limite des GID primaires. " "L'utilisateur ne sera pas renvoyé vers NSS si l'UID ou le GID primaire sont " "en dehors de la plage. Pour l'appartenance à un groupe non primaire, ceux " "qui sont dans la plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1727 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" "Ces limites d'identifiants affecte aussi les mises en cache des entrées, et " "pas seulement leur recherche par nom ou identifiant." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1731 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1737 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1740 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" "Détermine si un domaine peut être énuméré. Ce paramètre peut avoir une des " "valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1744 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1747 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1750 sssd.conf.5.xml:1965 sssd.conf.5.xml:2132 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1753 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " "to fully complete enumerations. During this time, individual requests for " "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing. Saving a large number of entries to cache " "after the enumeration completes might also be CPU intensive as the " "memberships have to be recomputed." msgstr "" "Note : activer l'énumération a un impact modéré sur les performances de SSSD " "lorsque l'énumération est en cours. Plusieurs minutes peuvent être " "nécessaires après le démarrage de SSSD pour terminer l'énumération complète. " "Pendant ce temps, les requêtes individuelles pour des informations iront " "directement vers LDAP, bien que plus lent et ce à cause de la charge " "importante liée au processus d'énumération. Le fait de mettre un grand " "nombre d'entrées en cache lorsque l'énumération est terminée peut être " "également intensif pour le CPU, car les appartenances aux groupes doivent " "être recalculées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1766 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" "Lorsque la première énumération est en cours, les requêtes pour des listes " "utilisateurs ou de groupes peuvent retourner des résultats vides avant que " "l'énumération ne se termine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1771 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " "enumeration lookups are completed successfully. For more information, refer " "to the man pages for the specific id_provider in use." msgstr "" "De plus, activer l'énumération peut augmenter le temps nécessaire pour " "détecter la déconnexion d'un réseau, puisque des délais d'attente supérieurs " "sont nécessaires pour s'assurer que les requêtes d'énumération se terminent " "avec succès. Pour plus d'informations, se référer au manuel pour le " "fournisseur d'identité spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1779 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" "Pour les raisons citées plus haut, l'activation de l'énumération est " "déconseillée, surtout dans les environnements de grande taille." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1787 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1794 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1795 msgid "All discovered trusted domains will be enumerated" msgstr "Tous les domaines approuvés découverts seront énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1798 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1799 msgid "No discovered trusted domains will be enumerated" msgstr "Aucun domaine approuvé découvert ne sera énuméré" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1790 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " "Optionally, a list of one or more domain names can enable enumeration just " "for these trusted domains." msgstr "" "Les domaines approuvés auto-détectés doivent-ils être énumérés ?\n" "Les valeurs prises en charge sont : <placeholder type=\"variablelist\" id=" "\"0\"/> \n" "De manière facultative, une liste d'un ou plusieurs noms de domaines peut " "activer l'énumération pour ces seuls domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1813 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1816 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées " "comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1820 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " "for newly added or expired entries. You should run the <citerefentry> " "<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry> tool in order to force refresh of entries that have already " "been cached." msgstr "" "Les horodatages d'expiration de cache sont stockés en tant qu'attributs des " "objets individuels dans le cache. Il en découle que la modification du délai " "d'expiration du cache ne sera pris en compte que pour les entrées qui y sont " "nouvellement ajoutées, ou pour celles qui ont expiré. Vous devriez utiliser " "l'outil <citerefentry> <refentrytitle>sss_cache</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> de manière à forcer un " "rafraîchissement des entrées qui sont déjà en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1833 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1839 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1842 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées " "d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1846 sssd.conf.5.xml:1859 sssd.conf.5.xml:1872 #: sssd.conf.5.xml:1885 sssd.conf.5.xml:1898 sssd.conf.5.xml:1912 #: sssd.conf.5.xml:1926 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1852 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1855 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " "groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1865 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1868 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " "netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1878 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1881 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" "La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " "service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1891 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1894 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" "La durée en secondes pendant laquelle sudo doit considérer les règles comme " "valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1904 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1907 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" "La durée en secondes pendant laquelle le service autofs doit considérer les " "cartes d'automontage comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1918 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1921 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" "La durée en secondes pendant laquelle conserver une clé ssh d'hôte après " "rafraichissement. I.e. combien de temps mettre la clé en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1932 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1935 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" "Indique la durée en secondes pendant laquelle SSSD doit attendre avant de " "déclencher une tâche en arrière-plan qui rafraichira tous les " "enregistrements expirés ou sur le point de l'être." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1940 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1944 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1948 sssd-ldap.5.xml:746 sssd-ipa.5.xml:248 msgid "Default: 0 (disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1954 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1957 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les données d'identification de l'utilisateur sont aussi mis en " "cache dans le cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1961 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Les informations d'identification utilisateur sont stockées dans une table " "de hachage SHA512, et non en texte brut" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1971 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1974 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1981 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1986 msgid "Default: 8" msgstr "Par défaut : 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:1992 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1995 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " "value of this parameter must be greater than or equal to " "offline_credentials_expiration." msgstr "" "Durée en jours pendant laquelle les entrées sont stockées dans le cache " "après la dernière connexion réussie, avant d'être enlevées lors du nettoyage " "du cache. 0 signifie qu'elles sont conservées indéfiniment. La valeur de ce " "paramètre doit être supérieur ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2002 msgid "Default: 0 (unlimited)" msgstr "Par défaut : 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2007 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2018 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " "cannot display a warning. Also an auth provider has to be configured for the " "backend." msgstr "" "Veuillez noter que le moteur du service doit fournir des informations à " "propos du délai d'expiration du mot de passe. Si cette information est " "manquante, sssd ne peut afficher de message d'alerte. De plus, un " "fournisseur oauth doit être configuré pour le moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2025 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2031 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2034 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" "Le fournisseur d'identification utilisé pour le domaine. Les fournisseurs " "d'identification pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2038 msgid "<quote>proxy</quote>: Support a legacy NSS provider" msgstr "<quote>proxy</quote> : prise en charge de l'ancien fournisseur NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2041 sssd.conf.5.xml:2178 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" "<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2045 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on configuring LDAP." msgstr "" "<quote>ldap</quote> : fournisseur LDAP. Cf. " "<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration de " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2053 sssd.conf.5.xml:2158 sssd.conf.5.xml:2213 #: sssd.conf.5.xml:2276 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " "FreeIPA." msgstr "" "<quote>ipa</quote> : fournisseur FreeIPA et Red Hat Enterprise Identity " "Management. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> pour plus d'informations sur la " "configuration de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2062 sssd.conf.5.xml:2167 sssd.conf.5.xml:2222 #: sssd.conf.5.xml:2285 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Active Directory." msgstr "" "<quote>ad</quote> : fournisseur Active Directory. Cf. " "<citerefentry><refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration " "d'Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2073 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2076 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" "Utiliser le nom complet et le domaine (comme formaté par le paramètre " "full_name_format du domaine) comme nom de connexion de l'utilisateur " "communiqué à NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2081 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " "<command>getent passwd test</command> wouldn't find the user while " "<command>getent passwd test@LOCAL</command> would." msgstr "" "Si défini à TRUE, toutes les requêtes pour ce domaine doivent utiliser des " "noms pleinement qualifiés. Par exemple, pour un utilisateur « test » dans un " "domaine LOCAL, <command>getent passwd test</command> ne trouvera pas " "l'utilisateur avant que <command>getent passwd test@LOCAL</command> ne le " "trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2089 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " "will be searched when an unqualified name is requested." msgstr "" "NOTE : Cette option n'a pas d'effet sur les recherches de netgroups, du fait " "de leur tendance à inclure des groupes imbriqués sans noms qualifiés. Pour " "les netgroups, la recherche se fera dans tous les domaines lorsqu'un nom non " "qualifié sera demandé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2096 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Par défaut : false (true si default_domain_suffix est utilisée)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2102 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2105 msgid "Do not return group members for group lookups." msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2108 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " "calls, such as <citerefentry> <refentrytitle>getgrnam</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry> or <citerefentry> " "<refentrytitle>getgrgid</refentrytitle> <manvolnum>3</manvolnum> </" "citerefentry>. As an effect, <quote>getent group $groupname</quote> would " "return the requested group as if it was empty." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2126 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " "members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2137 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2140 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" "Le fournisseur d'authentification utilisé pour le domaine. Les fournisseurs " "pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2144 sssd.conf.5.xml:2206 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" "<quote>ldap</quote> pour une authentification LDAP native. Cf. " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour plus d'informations sur la configuration de " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2151 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" "<quote>krb5</quote> pour une authentification Kerberos. Cf. <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2175 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> pour relayer l'authentification vers d'autres cibles " "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2182 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2185 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" "Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2191 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2194 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " "Internal special providers are:" msgstr "" "Le fournisseur de contrôle d'accès utilisé pour le domaine. Il y a deux " "fournisseurs d'accès natifs (en plus de ceux disponibles dans les moteurs " "installés). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2200 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" "<quote>permit</quote> toujours autoriser l'accès. C'est le seul fournisseur " "d'accès autorisé pour un domaine local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2203 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> toujours refuser les accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2230 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for more information on configuring the simple " "access module." msgstr "" "Contrôle d'accès <quote>simple</quote> basé sur des listes d'autorisations " "ou de refus d'accès. Cf. <citerefentry> <refentrytitle>sssd-simple</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> pour plus " "d'informations sur la configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2237 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" "citerefentry> for more information on configuring Kerberos." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2244 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2247 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2252 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2255 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" "Le fournisseur qui doit gérer le changement des mots de passe pour le " "domaine. Les fournisseurs pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2260 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2268 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" "<quote>krb5</quote> pour changer le mot de passe Kerberos. Cf. " "<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour plus d'informations sur la configuration de " "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2293 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "<quote>proxy</quote> pour relayer le changement de mot de passe vers une " "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2297 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> pour désactiver explicitement le changement de mot de " "passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2300 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" "Par défaut : <quote>auth_provider</quote> est utilisé si il est défini et " "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2307 msgid "sudo_provider (string)" msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2310 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " "charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2314 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" "<quote>ldap</quote> pour les règles stockés dans LDAP. Voir " "<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration de " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2322 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" "<quote>ipa</quote> identiqué à <quote>ldap</quote> mais avec les paramètres " "par défaut pour IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2326 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" "<quote>ipa</quote> identiqué à <quote>ldap</quote> mais avec les paramètres " "par défaut pour AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2330 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2333 sssd.conf.5.xml:2411 sssd.conf.5.xml:2476 #: sssd.conf.5.xml:2501 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2337 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>. There are many configuration " "options that can be used to adjust the behavior. Please refer to " "\"ldap_sudo_*\" in <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2354 msgid "selinux_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2357 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " "providers are:" msgstr "" "Le fournisseur qui doit gérer le chargement des paramètres de selinux. " "Remarque : ce fournisseur sera appelé juste après la fin de l'appel au " "fournisseur d'accès. Les fournisseurs selinux pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2363 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" "<quote>ipa</quote> pour charger les paramètres selinux depuis un serveur " "IPA. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration de " "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2371 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> n'autorise pas la récupération explicite des paramètres " "selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2374 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" "Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2380 msgid "subdomains_provider (string)" msgstr "subdomains_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2383 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" "Le fournisseur doit être capable de gérer la récupération des sous-" "domaines. Cette valeur doit être toujours identique à id_provider. Les " "fournisseurs de sous-domaine pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2389 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" "<quote>ipa</quote> pour charger une liste de sous-domaines depuis un serveur " "IPA. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus d'informations sur la configuration de " "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2398 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " "the AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2407 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> désactive la récupération explicite des sous-domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2417 #, fuzzy #| msgid "selinux_provider (string)" msgid "session_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2420 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " "Commander, which works only with IPA. Supported session providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2427 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2431 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2435 #, fuzzy #| msgid "" #| "Default: <quote>id_provider</quote> is used if it is set and can handle " #| "selinux loading requests." msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" "Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2442 msgid "autofs_provider (string)" msgstr "autofs_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2445 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" "Le fournisseur autofs utilisé pour le domaine. Les fournisseurs autofs pris " "en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2449 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" "<quote>ldap</quote> pour charger les cartes stockées dans LDAP. Cf. " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour plus d'informations sur la configuration de " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2456 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring IPA." msgstr "" "<quote>ipa</quote> pour charger les cartes stockées sur un serveur IPA. Cf. " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour plus d'information sur la configuration de " "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2464 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring the AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2473 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> désactive explicitement autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2483 msgid "hostid_provider (string)" msgstr "hostid_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2486 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" "Le fournisseur utilisé pour récupérer les informations d'identité des " "systèmes. Les fournisseurs de hostid pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2490 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" "<quote>ipa</quote> pour charge l'identité du système stockée sur un serveur " "IPA. Cf. <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> pour plus d'informations sur la " "configuration de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2498 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> désactive explicitement hostid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2511 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " "match either the SSSD configuration domain name, or, in the case of IPA " "trust subdomains and Active Directory domains, the flat (NetBIOS) name of " "the domain." msgstr "" "L'expression rationnelle pour ce domaine qui décrit comment analyser la " "chaîne contenant le nom d'utilisateur et domaine et en extraire ces " "composants. Le « domaine » peut correspondre à soit au nom de domaine de la " "configuration SSSD, ou, dans le cas de relations d'approbations avec des " "sous-domaines IPA ou des domaines Active Directory, le nom plat (NetBIOS) du " "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2520 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" "P<name>[^@\\\\]+)$))</quote> which allows three different styles for " "user names:" msgstr "" "Valeur par défaut pour les fournisseurs AD et IPA : <quote>(((?P<" "domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<" "domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> qui utilisent trois " "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:2525 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:2528 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:2531 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2534 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" "Bien que les deux premiers correspondent à la valeur par défaut en général " "le troisième est introduit pour permettre une intégration facile des " "utilisateurs de domaines Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2539 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " "sign, the domain everything after that\"" msgstr "" "Par défaut : <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "qui se traduit par « peu importe le nom jusqu'au <quote>@</quote>, peu " "importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2545 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " "version 7 or higher can support non-unique named subpatterns." msgstr "" "REMARQUE : la prise en charge de sous-motifs nommés multiples n'est pas " "disponible sur certaines plates-formes (par exemple, RHEL5 et SLES10). " "Seules les plates-formes avec libpcre version 7 ou supérieure peuvent " "prendre en charge les sous-motifs nommés multiples." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2552 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" "REMARQUE ADDITIONNELLE : les anciennes versions de libpcre ne supportent que " "la syntaxe Python (?P<name>) pour nommer les sous-motifs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2599 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2605 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2608 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" "Fournit la possibilité de sélectionner la famille d'adresse préférée à " "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2612 msgid "Supported values:" msgstr "Valeurs prises en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2615 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, " "essayer IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2618 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2621 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter " "IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2624 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2627 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2633 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2636 #, fuzzy #| msgid "" #| "Defines the amount of time (in seconds) to wait for a reply from the DNS " #| "resolver before assuming that it is unreachable. If this timeout is " #| "reached, the domain will continue to operate in offline mode." msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " "If this timeout is reached, the domain will continue to operate in offline " "mode." msgstr "" "Délai (en secondes) d'attente de la réponse du résolveur DNS avant de " "considérer qu'il est injoignable. Si ce délai maximum est atteint, le " "domaine continuera à opérer en mode déconnecté." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2643 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2648 sssd-ldap.5.xml:1278 sssd-ldap.5.xml:1320 #: sssd-ldap.5.xml:1338 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2654 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2657 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" "Si la découverte de services est utilisé par le moteur, spécifie la partie " "du domaine faisant partie de la requête DNS de découverte de services." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2661 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utiliser la partie du domaine qui est dans le nom de système de " "la machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2667 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2670 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2676 msgid "case_sensitive (string)" msgstr "case_sensitive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2684 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2687 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2693 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2695 msgid "Case insensitive." msgstr "Insensible à la casse." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2699 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2702 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " "protocol names) are still lowercased in the output." msgstr "" "Comme False (insensible à la casse), mais ne convertit pas les noms en " "minuscules lors des opérations NSS. Notez que les alias de noms (et dans le " "cas des services les noms de protocoles) sont toujours en minuscule dans la " "sortie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2679 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2714 msgid "Default: True (False for AD provider)" msgstr "Par défaut : true (false pour le fournisseur AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2720 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2723 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " "Currently the following options can be inherited:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2729 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2732 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2735 sssd-ldap.5.xml:1111 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2738 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2741 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd.conf.5.xml:2747 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" " " msgstr "" "subdomain_inherit = ldap_purge_cache_timeout\n" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2745 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2754 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2761 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2772 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2773 msgid "flat (NetBIOS) name of a subdomain." msgstr "nom plat (NetBIOS) d'un sous-domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2764 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " "possible values. In addition to those, the expansion below can only be used " "with <emphasis>subdomain_homedir</emphasis>. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" "Utiliser ce répertoire utilisateur comme valeur par défaut pour tous les " "sous-domaines dans cette relation d'approbation Active Directory. Voir " "<emphasis>override_homedir</emphasis> pour des informations sur les valeurs " "possibles. En plus de celles-ci, le remplacement ci-dessous ne peut être " "utilisé qu'avec <emphasis>subdomain_homedir</emphasis>. <placeholder type=" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2778 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "La valeur peut être surchargée par l'option <emphasis>override_homedir</" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2782 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2787 msgid "realmd_tags (string)" msgstr "realmd_tags (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2790 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" "Étiquettes diverses stockées par le service de configuration de realmd pour " "ce domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2796 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2799 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " "the online mode." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2805 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2809 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:1670 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Ces options de configuration peuvent être présentes dans la section de " "configuration du domaine, c'est-à-dire dans la section nommée <quote>[domain/" "<replaceable>NAME</replaceable>]</quote> <placeholder type=\"variablelist\" " "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2827 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2830 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible duquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2833 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" "Par défaut : non défini, il faut utiliser une configuration de pam existante " "ou en créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2841 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2844 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " "for example _nss_files_getpwent." msgstr "" "Le nom de la bibliothèque NSS à utiliser dans les domaines proxy. Les " "recherches de fonctions NSS dans la bibliothèque sont sous la forme _nss_" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2854 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2857 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " "name was an alias. Setting this option to true would cause the SSSD to " "perform the ID lookup from cache for performance reasons." msgstr "" "Quand un utilisateur ou un groupe est recherché par son nom dans le " "fournisseur proxy, une deuxième recherche par ID est effectuée pour " "récupérer le nom canonique, dans le cas où le nom demandé serait un alias. " "Cette option positionnée à true active la recherche par l'ID dans le cache " "afin d'améliorer les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:2871 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2874 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " "slots, which would cause some issues due to the requests being queued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:2823 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" "Options valides pour les domaines proxy. <placeholder type=\"variablelist\" " "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:2890 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:2892 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " "applications as a gateway to an LDAP directory where users and groups are " "stored. However, contrary to the traditional SSSD deployment where all users " "and groups either have POSIX attributes or those attributes can be inferred " "from the Windows SIDs, in many cases the users and groups in the application " "support scenario have no POSIX attributes. Instead of setting a " "<quote>[domain/<replaceable>NAME</replaceable>]</quote> section, the " "administrator can set up an <quote>[application/<replaceable>NAME</" "replaceable>]</quote> section that internally represents a domain with type " "<quote>application</quote> optionally inherits settings from a tradition " "SSSD domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:2912 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " "application domain and its POSIX sibling domain is set correctly." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> #: sssd.conf.5.xml:2918 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:2920 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2923 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " "application settings that augment or override the <quote>sibling</quote> " "domain settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:2937 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " "through the NSS responder. In addition, the application domain also requests " "the telephoneNumber attribute, stores it as the phone attribute in the cache " "and makes the phone attribute reachable through the D-Bus interface." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> #: sssd.conf.5.xml:2945 #, no-wrap msgid "" "[sssd]\n" "domains = appdom, posixdom\n" "\n" "[ifp]\n" "user_attributes = +phone\n" "\n" "[domain/posixdom]\n" "id_provider = ldap\n" "ldap_uri = ldap://ldap.example.com\n" "ldap_search_base = dc=example,dc=com\n" "\n" "[application/appdom]\n" "inherit_from = posixdom\n" "ldap_user_extra_attrs = phone:telephoneNumber\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:2963 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:2965 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " "<replaceable>id_provider=local</replaceable>." msgstr "" "Cette section contient les paramètres pour le domaine qui stocke les " "utilisateurs et les groupes dans la base de données native SSSD, c'est-à-" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:2972 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2975 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " "outils en espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2979 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:2984 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2987 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" "Les outils ajoutent le nom d'utilisateur à <replaceable>base_directory</" "replaceable> et l'utilisent comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:2992 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:2997 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3000 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" "Indique si un dossier personnel doit être créé par défaut pour les nouveaux " "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3004 sssd.conf.5.xml:3016 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3009 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3012 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" "Indiquer si un dossier personnel doit par défaut être supprimé à la " "suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3021 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3024 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " "on a newly created home directory." msgstr "" "Utilisé par <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> pour spécifier les permissions par " "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3032 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3037 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3040 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>" msgstr "" "Le répertoire squelette contenant les fichiers et répertoires à copier dans " "le répertoire personnel de l'utilisateur une fois ce répertoire créé par " "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3050 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3055 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3058 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " "default value is used." msgstr "" "Le répertoire de gestion des e-mails. Nécessaire pour manipuler les boîtes e-" "mail quand les comptes utilisateurs sont modifiés ou supprimés. Si non " "précisé, la valeur par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3065 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:3070 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3073 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " "return code of the command is not taken into account." msgstr "" "La commande qui est exécutée quand un utilisateur est supprimé. La commande " "a comme seul argument le nom de l'utilisateur qui doit être supprimé. Le " "code en retour de la commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:3079 msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:3089 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3091 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" "<replaceable>DOMAIN_NAME</replaceable>/<replaceable>TRUSTED_DOMAIN_NAME</" "replaceable>]</quote>. Where DOMAIN_NAME is the actual joined-to base " "domain. Please refer to examples below for explanation. Currently supported " "options in the trusted domain section are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3098 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3099 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3100 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3101 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3102 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3103 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3104 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3105 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3106 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3108 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:3114 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:3120 #, no-wrap msgid "" "[sssd]\n" "domains = LDAP\n" "services = nss, pam\n" "config_file_version = 2\n" "\n" "[nss]\n" "filter_groups = root\n" "filter_users = root\n" "\n" "[pam]\n" "\n" "[domain/LDAP]\n" "id_provider = ldap\n" "ldap_uri = ldap://ldap.example.com\n" "ldap_search_base = dc=example,dc=com\n" "\n" "auth_provider = krb5\n" "krb5_server = kerberos.example.com\n" "krb5_realm = EXAMPLE.COM\n" "cache_credentials = true\n" "\n" "min_id = 10000\n" "max_id = 20000\n" "enumerate = False\n" msgstr "" "[sssd]\n" "domains = LDAP\n" "services = nss, pam\n" "config_file_version = 2\n" "\n" "[nss]\n" "filter_groups = root\n" "filter_users = root\n" "\n" "[pam]\n" "\n" "[domain/LDAP]\n" "id_provider = ldap\n" "ldap_uri = ldap://ldap.example.com\n" "ldap_search_base = dc=example,dc=com\n" "\n" "auth_provider = krb5\n" "krb5_server = kerberos.example.com\n" "krb5_realm = EXAMPLE.COM\n" "cache_credentials = true\n" "\n" "min_id = 10000\n" "max_id = 20000\n" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3116 #, fuzzy #| msgid "" #| "The following example shows a typical SSSD config. It does not describe " #| "configuration of the domains themselves - refer to documentation on " #| "configuring domains for more details. <placeholder type=\"programlisting" #| "\" id=\"0\"/>" msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " "configuring domains for more details. <placeholder type=\"programlisting\" " "id=\"0\"/>" msgstr "" "L'exemple suivant montre une configuration SSSD classique. Il ne décrit pas " "la configuration des domaines. Se référer à la documentation sur la " "configuration des domaines pour plus de détails. <placeholder type=" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:3153 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" "use_fully_qualified_names = false\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:3147 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " "domain (ipa.com) has trust with AD domain(ad.com). ad.com has child domain " "(child.ad.com). To enable shortnames in the child domain the following " "configuration should be used. <placeholder type=\"programlisting\" id=\"0\"/" ">" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 msgid "sssd-ldap" msgstr "sssd-ldap" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap.5.xml:17 msgid "SSSD LDAP provider" msgstr "Fournisseur LDAP SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:23 msgid "" "This manual page describes the configuration of LDAP domains for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for detailed syntax information." msgstr "" "Ce manuel décrit la configuration des domaines LDAP pour <citerefentry> " "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry>. Se référer à la section <quote>FILE FORMAT</quote> du manuel " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour des informations sur la syntaxe détaillée." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:35 msgid "You can configure SSSD to use more than one LDAP domain." msgstr "" "Il est possible de configurer SSSD pour utiliser plus d'un domaine LDAP." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:38 msgid "" "LDAP back end supports id, auth, access and chpass providers. If you want to " "authenticate against an LDAP server either TLS/SSL or LDAPS is required. " "<command>sssd</command> <emphasis>does not</emphasis> support authentication " "over an unencrypted channel. If the LDAP server is used only as an identity " "provider, an encrypted channel is not needed. Please refer to " "<quote>ldap_access_filter</quote> config option for more information about " "using LDAP as an access provider." msgstr "" "Le moteur de traitement LDAP prend en charge les fournisseurs id, auth, " "access et chpass. Si vous voulez vous authentifier sur un serveur LDAP, il " "vous faut utiliser TLS/SSL ou LDAPS. <command>sssd</command> <emphasis>ne " "prend pas en charge</emphasis> l'authentification sur un canal non chiffré. " "Si le serveur LDAP est utilisé seulement comme fournisseur d'identité, un " "canal crypté n'est pas nécessaire. Se référer aux options de configurations " "<quote>ldap_access_filter</quote> pour plus d'information sur l'utilisation " "en tant que fournisseur d'accès." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:75 sssd-ad.5.xml:99 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" msgstr "OPTIONS DE CONFIGURATION" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 msgid "ldap_uri, ldap_backup_uri (string)" msgstr "ldap_uri, ldap_backup_uri (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:63 msgid "" "Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " "should connect in the order of preference. Refer to the <quote>FAILOVER</" "quote> section for more information on failover and server redundancy. If " "neither option is specified, service discovery is enabled. For more " "information, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" "Spécifie par ordre de préférence la liste séparée par des virgules d'URI des " "serveurs LDAP auquel doit se connecter SSSD. Se reporter à la section de " "<quote>BASCULE</quote> pour plus d'informations sur le repli et la " "redondance de serveurs. Si aucune de ces options n'est spécifiée, la " "découverte d'un service est activé. Pour plus d'informations, se reporter à " "la section de <quote>DÉCOUVERTE DE SERVICE</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:70 sssd-secrets.5.xml:264 msgid "The format of the URI must match the format defined in RFC 2732:" msgstr "" "Le format de l'URI doit correspondre au format définit dans la RFC 2732 :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:73 msgid "ldap[s]://<host>[:port]" msgstr "ldap[s]://<host>[:port]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:76 msgid "" "For explicit IPv6 addresses, <host> must be enclosed in brackets []" msgstr "" "Pour les adresses explicitement en IPv6, le composant <host> doit être " "entre crochets []" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:79 msgid "example: ldap://[fc00::126:25]:389" msgstr "exemple : ldap://[fc00::126:25]:389" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:85 msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)" msgstr "ldap_chpass_uri, ldap_chpass_backup_uri (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:88 msgid "" "Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " "should connect in the order of preference to change the password of a user. " "Refer to the <quote>FAILOVER</quote> section for more information on " "failover and server redundancy." msgstr "" "Spécifie la liste d'URI séparée par des virgules des serveurs LDAP auquel " "doit se connecter DSSD par ordre de préférence pour changer le mot de passe " "d'un utilisateur. Reportez-vous à la section de <quote>bascule</quote> pour " "plus d'informations sur le repli et la redondance de serveurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:95 msgid "To enable service discovery ldap_chpass_dns_service_name must be set." msgstr "" "Pour activer la découverte de services, ldap_chpass_dns_service_name doit " "être défini." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:99 msgid "Default: empty, i.e. ldap_uri is used." msgstr "Par défaut : vide, ldap_uri est donc utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:105 msgid "ldap_search_base (string)" msgstr "ldap_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:108 msgid "The default base DN to use for performing LDAP user operations." msgstr "" "Le DN de base par défaut à utiliser pour effectuer les opérations LDAP sur " "les utilisateurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:112 msgid "" "Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " "syntax:" msgstr "" "À partir de SSSD 1.7.0, SSSD prend en charge plusieurs bases de recherche à " "l'aide de la syntaxe :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:116 msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:119 msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." msgstr "La portée peut être l'une des « base », « onelevel » ou « subtree »." #. type: Content of: <listitem><para> #: sssd-ldap.5.xml:122 include/ldap_search_bases.xml:18 msgid "" "The filter must be a valid LDAP search filter as specified by http://www." "ietf.org/rfc/rfc2254.txt" msgstr "" "Le filtre doit être un filtre de recherche LDAP valide tel que spécifié par " "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:270 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemples :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:129 msgid "" "ldap_search_base = dc=example,dc=com (which is equivalent to) " "ldap_search_base = dc=example,dc=com?subtree?" msgstr "" "ldap_search_base = dc=example,dc=com (ce qui équivaut à) ldap_search_base = " "dc=example,dc=com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:134 msgid "" "ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" "(host=thishost)?dc=example.com?subtree?" msgstr "" "ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" "(host=thishost)?dc=example.com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:137 msgid "" "Note: It is unsupported to have multiple search bases which reference " "identically-named objects (for example, groups with the same name in two " "different search bases). This will lead to unpredictable behavior on client " "machines." msgstr "" "Remarque : Il est n'est pas possible d'avoir plusieurs bases de recherche " "qui référencent des objets portant le même nom (par exemple, les groupes " "portant le même nom dans deux bases de recherche différents). Cela conduira " "à un comportement imprévisible sur les ordinateurs clients." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:144 msgid "" "Default: If not set, the value of the defaultNamingContext or namingContexts " "attribute from the RootDSE of the LDAP server is used. If " "defaultNamingContext does not exist or has an empty value namingContexts is " "used. The namingContexts attribute must have a single value with the DN of " "the search base of the LDAP server to make this work. Multiple values are " "are not supported." msgstr "" "Par défaut : si non définie, les valeurs des attributs defaultNamingContext " "ou namingContexts du RootDSE du serveur LDAP sont utilisées. Si " "defaultNamingContext n'existe pas ou a une valeur vide, namingContexts est " "utilisé. Les attributs namingContexts doivent avoir une seule valeur avec un " "DN de base de recherche pour le serveur LDAP pour que cela fonctionne. Des " "valeurs multiples ne sont pas permises." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:158 msgid "ldap_schema (string)" msgstr "ldap_schema (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:161 msgid "" "Specifies the Schema Type in use on the target LDAP server. Depending on " "the selected schema, the default attribute names retrieved from the servers " "may vary. The way that some attributes are handled may also differ." msgstr "" "Spécifie le type de schéma utilisé sur le serveur LDAP cible. Selon le " "schéma sélectionné, les noms d'attributs par défaut provenant des serveurs " "peuvent varier. La manière dont certains attributs sont traités peut-être " "également différer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:168 msgid "Four schema types are currently supported:" msgstr "Quatre types de schéma sont actuellement pris en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:172 msgid "rfc2307" msgstr "rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:177 msgid "rfc2307bis" msgstr "rfc2307bis" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:182 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:187 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:193 msgid "" "The main difference between these schema types is how group memberships are " "recorded in the server. With rfc2307, group members are listed by name in " "the <emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, " "group members are listed by DN and stored in the <emphasis>member</emphasis> " "attribute. The AD schema type sets the attributes to correspond with Active " "Directory 2008r2 values." msgstr "" "La principale différence entre ces types de schéma est la façon dont les " "appartenances aux groupes sont enregistrés dans le serveur. Avec rfc2307, " "les membres du groupe sont répertoriées par nom dans l'attribut " "<emphasis>memberUid</emphasis>. Avec rfc2307bis et IPA, les membres du " "groupe sont répertoriés par DN et stockées dans l'attribut de " "<emphasis>member</emphasis>. Le type de schéma AD définit les attributs " "correspondant aux valeurs d'Active Directory 2008r2." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:203 msgid "Default: rfc2307" msgstr "Par défaut : rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Le DN de connexion par défaut à utiliser pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:219 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:222 msgid "The type of the authentication token of the default bind DN." msgstr "" "Le type de jeton d'authentification pour le DN de connexion par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:226 msgid "The two mechanisms currently supported are:" msgstr "Les deux mécanismes actuellement pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:229 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:232 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:235 msgid "Default: password" msgstr "Par défaut : password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:241 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:244 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" "Le jeton d'authentification pour le DN de connexion par défaut. Seuls les " "mots de passe en clair sont actuellement pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:251 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:254 msgid "The object class of a user entry in LDAP." msgstr "La classe d'objet d'une entrée utilisateur dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:257 msgid "Default: posixAccount" msgstr "Par défaut : posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:263 msgid "ldap_user_name (string)" msgstr "ldap_user_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:266 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" "L'attribut LDAP correspondant à l'identifiant de connexion de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:270 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:277 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:280 msgid "The LDAP attribute that corresponds to the user's id." msgstr "L'attribut LDAP correspondant à l'id de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:284 msgid "Default: uidNumber" msgstr "par défaut : uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:290 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:293 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" "L'attribut LDAP correspondant à l'id du groupe primaire de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:297 sssd-ldap.5.xml:920 msgid "Default: gidNumber" msgstr "Par défaut : gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:303 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:306 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" "quote> provider with ID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:312 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:318 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:321 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "L'attribut LDAP correspondant au champ gecos de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:325 msgid "Default: gecos" msgstr "Par défaut : gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:331 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:334 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" "L'attribut LDAP qui contient le nom du répertoire personnel de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:338 msgid "Default: homeDirectory" msgstr "Par défaut : homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:344 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:347 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "L'attribut LDAP qui contient le chemin vers l'interpréteur de commandes de " "l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:351 msgid "Default: loginShell" msgstr "Par défaut : loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:357 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:360 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:364 sssd-ldap.5.xml:946 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" "Par défaut : non défini dans le cas général, objectGUID pour AD et " "ipaUniqueID pour IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:371 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:374 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" "L'attribut LDAP qui contient l'objectSID d'un objet d'utilisateur LDAP. Ceci " "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:379 sssd-ldap.5.xml:961 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:386 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:389 sssd-ldap.5.xml:971 sssd-ldap.5.xml:1194 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" "L'attribut LDAP qui contient l'horodatage de la dernière modification de " "l'objet parent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:393 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1201 msgid "Default: modifyTimestamp" msgstr "Par défaut : modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:399 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:402 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " "the last password change)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (date de changement du dernier mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:412 msgid "Default: shadowLastChange" msgstr "Par défaut : shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:418 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:421 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " "password age)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie<citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (durée de validité minimum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:430 msgid "Default: shadowMin" msgstr "Par défaut : shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:436 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:439 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " "password age)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (âge maximum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:448 msgid "Default: shadowMax" msgstr "Par défaut : shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:454 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:457 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password warning period)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (période d'avertissement du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:467 msgid "Default: shadowWarning" msgstr "Par défaut : shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:473 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:476 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password inactivity period)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le " "nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (période d'inactivité du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:486 msgid "Default: shadowInactive" msgstr "Par défaut : shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " "<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> counterpart (account expiration date)." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=shadow ou " "ldap_account_expire_policy=shadow, ce paramètre contient le nom de " "l'attribut LDAP correspondant à sa contrepartie <citerefentry> " "<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> (date d'expiration du compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:505 msgid "Default: shadowExpire" msgstr "Par défaut : shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:511 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " "kerberos." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=mit_kerberos, ce paramètre contient " "le nom de l'attribut LDAP stockant la date et l'heure du dernier changement " "de mot de passe dans kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:520 msgid "Default: krbLastPwdChange" msgstr "Par défaut : krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:526 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:529 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" "Lors de l'utilisation de ldap_pwd_policy=mit_kerberos, ce paramètre contient " "le nom de l'attribut LDAP stockant la date et l'heure d'expiration du mot de " "passe actuel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:535 msgid "Default: krbPasswordExpiration" msgstr "Par défaut : krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:541 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:544 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=ad, ce paramètre " "contient le nom d'un attribut LDAP stockant la date d'expiration du compte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:549 msgid "Default: accountExpires" msgstr "Par défaut : accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:555 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:558 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=ad, ce paramètre " "contient le nom d'un attribut LDAP stockant le champ de bits de contrôle du " "compte utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:563 msgid "Default: userAccountControl" msgstr "Par défaut : userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:569 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:572 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=rhds ou équivalent, ce " "paramètre détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:577 msgid "Default: nsAccountLock" msgstr "Par défaut : nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:583 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:586 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=nds, cet attribut " "détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 msgid "Default: loginDisabled" msgstr "Par défaut : loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:596 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:599 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=nds, cet attribut " "détermine jusqu'à quand l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:610 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:613 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" "Lors de l'utilisation de ldap_account_expire_policy=nds, cet attribut " "détermine les heures des jours dans la semaine pendant lesquelles l'accès " "est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:618 msgid "Default: loginAllowedTimeMap" msgstr "Par défaut : loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:624 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:627 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" "L'attribut LDAP contenant le nom du principal d'utilisateur (UPN) Kerberos " "de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:631 msgid "Default: krbPrincipalName" msgstr "Par défaut : krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:637 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:640 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" "Liste séparée par des virgules des attributs LDAP que SSSD va demander en " "plus des attributs utilisateur habituels." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:645 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " "LDAP attribute name is specified, the attribute is saved to the cache " "verbatim. Using a custom SSSD attribute name might be required by " "environments that configure several SSSD domains with different LDAP schemas." msgstr "" "La liste ne peut contenir que des noms d'attributs LDAP, ou des tuples " "séparés par des virgules de nom d'attribut de cache et nom d'attribut LDAP. " "Dans le cas où seul le nom d'un attribut LDAP est indiqué, l'attribut est " "enregistré tel quel dans le cache. L'utilisation d'un nom d'attribut SSSD " "peut être nécessaire pour les environnements configurant plusieurs domaines " "SSSD utilisant des schémas LDAP différents." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:655 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " "reserved attribute names is used as an extra attribute name." msgstr "" "Veuillez noter que plusieurs noms d'attributs sont réservés par SSSD, dont " "l'attribut <quote>name</quote>. SSSD émettrait une erreur si l'un des noms " "d'attributs réservés est utilisé par un nom d'attribut supplémentaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:665 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:668 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" "Enregistrer l'attribut LDAP <quote>telephoneNumber</quote> en tant que " "<quote>telephoneNumber</quote> dans le cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:672 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:675 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" "Enregistrer l'attribut LDAP <quote>telephoneNumber</quote> en tant que " "<quote>phone</quote> dans le cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:685 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:688 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:692 msgid "Default: sshPublicKey" msgstr "Par défaut : sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:698 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:701 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " "fail. Set this option to a non-zero value if you want to use an upper-case " "realm." msgstr "" "Certains serveurs d'annuaire, comme par exemple Active Directory, peuvent " "délivrer la partie domaine de l'UPN en minuscules, ce qui peut faire échouer " "l'authentification. Définir cette option à une valeur non nulle pour " "utiliser un nom de domaine en majuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:714 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:717 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" "Spécifie la durée en secondes pendant laquelle SSSD doit attendre avant " "d'actualiser son cache d\"énumération d'enregistrements." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:728 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:731 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " "space." msgstr "" "Détermine la fréquence de vérification de la présence d'entrées inactives " "dans le cache (telles que groupes sans membres et utilisateurs ne s'étant " "jamais connectés) et de suppression pour économiser de l'espace." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:737 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " "to detect entries removed from the server and can't be disabled. By default, " "the cleanup task will run every 3 hours with enumeration enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:752 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:755 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1226 #: sssd-ldap.5.xml:2276 sssd-ipa.5.xml:588 msgid "Default: cn" msgstr "Par défaut : cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:765 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:768 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" "L'attribut LDAP énumérant les groupes auquel appartient un utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:772 msgid "Default: memberOf" msgstr "Par défaut : memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:778 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:781 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " "to determine access privilege." msgstr "" "Lorsque access_provider=ldap et ldap_access_order=authorized_service, SSSD " "utilise la présence de l'attribut authorizedService dans l'entrée LDAP de " "l'utilisateur pour déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:788 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" "Le refus explicite (!svc) est résolu en premier. Ensuite, SSSD cherche une " "autorisation explicite (svc) et enfin allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:793 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " "ldap_user_authorized_service option to work." msgstr "" "Noter que l'option de configuration ldap_access_order <emphasis>doit</" "emphasis> inclure <quote>authorized_service</quote> de façon à permettre à " "l'option ldap_user_authorized_service de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:800 msgid "Default: authorizedService" msgstr "Par défaut : authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:806 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:809 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " "privilege." msgstr "" "Si access_provider=ldap et ldap_access_order=host, SSSD va utiliser la " "présence de l'attribut host dans l'entrée LDAP de l'utilisateur pour " "déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:815 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" "Le refus explicite (!host) est résolu en premier. SSSD recherche ensuite les " "autorisations explicites (host) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:820 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " "ldap_user_authorized_host option to work." msgstr "" "Noter que l'option de configuration ldap_access_order <emphasis>doit</" "emphasis> inclure <quote>host</quote> de façon à permettre à l'option " "ldap_user_authorized_host de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:827 msgid "Default: host" msgstr "Par défaut : host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:833 #, fuzzy #| msgid "ldap_user_authorized_host (string)" msgid "ldap_user_authorized_rhost (string)" msgstr "ldap_user_authorized_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:836 #, fuzzy #| msgid "" #| "If access_provider=ldap and ldap_access_order=host, SSSD will use the " #| "presence of the host attribute in the user's LDAP entry to determine " #| "access privilege." msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " "privilege. Similarly to host verification process." msgstr "" "Si access_provider=ldap et ldap_access_order=host, SSSD va utiliser la " "présence de l'attribut host dans l'entrée LDAP de l'utilisateur pour " "déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:843 #, fuzzy #| msgid "" #| "An explicit deny (!host) is resolved first. Second, SSSD searches for " #| "explicit allow (host) and finally for allow_all (*)." msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" "Le refus explicite (!host) est résolu en premier. SSSD recherche ensuite les " "autorisations explicites (host) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:848 #, fuzzy #| msgid "" #| "Please note that the ldap_access_order configuration option " #| "<emphasis>must</emphasis> include <quote>host</quote> in order for the " #| "ldap_user_authorized_host option to work." msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " "ldap_user_authorized_rhost option to work." msgstr "" "Noter que l'option de configuration ldap_access_order <emphasis>doit</" "emphasis> inclure <quote>host</quote> de façon à permettre à l'option " "ldap_user_authorized_host de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 #, fuzzy #| msgid "Default: host" msgid "Default: rhost" msgstr "Par défaut : host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:861 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:864 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:868 #, fuzzy #| msgid "Default: filter" msgid "Default: userCertificate;binary" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:874 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:877 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:881 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:887 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:890 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objet d'une entrée de groupe dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:893 msgid "Default: posixGroup" msgstr "Par défaut : posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:899 msgid "ldap_group_name (string)" msgstr "ldap_group_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:902 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'attribut LDAP correspondant au nom du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:906 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:913 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:916 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'attribut LDAP correspondant à l'identifiant de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:926 msgid "ldap_group_member (string)" msgstr "ldap_group_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:929 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'attribut LDAP contenant les noms des membres du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:933 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Par défaut : memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:939 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:942 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:953 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:956 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" "L'attribut LDAP qui contient l'objectSID d'un objet de groupe LDAP. Ceci " "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:968 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:981 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:984 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" "L'attribut LDAP qui contient une valeur entière indiquant le type de groupe " "voire d'autres indicateurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:989 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " "domains." msgstr "" "Cet attribut est actuellement utilisé uniquement par le fournisseur AD pour " "déterminer si un groupe est un groupe de domaine local et doit être filtré " "hors des domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:995 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1002 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1005 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1011 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1018 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1021 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" "Si ldap_schema est défini comme un format prenant en charge les groupes " "imbriqués (par exemple RFC2307bis), alors cette option contrôle le nombre de " "niveaux d'imbrication que SSSD suivra. Cette option n'a pas d'effet sur le " "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1028 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " "<emphasis>may be</emphasis> returned if previous lookups already resolved " "the deeper nesting levels. Also, subsequent lookups for other groups may " "enlarge the result set for original lookup if re-queried." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1037 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " "using <quote>id_provider=ad</quote> it is furthermore required to disable " "usage of Token-Groups by setting ldap_use_tokengroups to false in order to " "restrict group nesting." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1046 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1052 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1055 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " "complex or deep nested groups." msgstr "" "Cette option indique à SSSD de tirer parti d'une fonctionnalité Active " "Directory spécifique qui peut accélérer les opérations de recherche de " "groupe sur les déploiements utilisant des groupes profondément imbriqués et " "complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1061 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" "Dans la plupart des cas, il est préférable de laisser cette option " "désactivée. Elle ne fournit une augmentation des performances que sur les " "imbrications très complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1093 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " "\"auto-detect\"." msgstr "" "Si cette option est activée, SSSD l'utilisera s'il détecte que le serveur la " "prend en charge au cours de la connexion initiale. Ainsi, « true » signifie " "essentiellement « auto-detect »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1072 sssd-ldap.5.xml:1099 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" "windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> " "for more details." msgstr "" "Remarque : Cette fonctionnalité fonctionne uniquement avec Active Directory " "2008 R1 et versions suivantes. Consulter <ulink url=\"http://msdn.microsoft." "com/en-us/library/windows/desktop/aa746475%28v=vs.85%29.aspx\">la " "documentation de MSDN(TM)</ulink> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1084 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1087 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " "dealing with complex or deep nested groups)." msgstr "" "Cette option indique à SSSD de tirer parti d'une fonctionnalité Active " "Directory spécifique qui peut accélérer les opérations initgroups (le plus " "souvent lors de l'utilisation de groupes profondément imbriqués ou " "complexes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1114 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" "Cette option active ou désactive l'utilisation de l'attribut Token-Groups " "lors de l'initialisation des groupes pour les utilisateurs Active Directory " "2008 et versions ultérieures." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1119 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1125 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1128 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objet d'une entrée de netgroup dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1131 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la " "place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1135 msgid "Default: nisNetgroup" msgstr "Par défaut : nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1141 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1144 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'attribut LDAP correspondant au nom du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1148 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_name doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1158 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1161 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'attribut LDAP contenant les noms des membres du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1165 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_member doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1169 msgid "Default: memberNisNetgroup" msgstr "Par défaut : memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1175 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1178 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "L'attribut LDAP contenant les triplets (hôte, utilisateur, domaine) d'un " "netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1182 sssd-ldap.5.xml:1198 msgid "This option is not available in IPA provider." msgstr "Cette option n'est pas disponible dans le fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1185 msgid "Default: nisNetgroupTriple" msgstr "Par défaut : nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1191 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1207 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1210 msgid "The object class of a service entry in LDAP." msgstr "La classe d'objet d'une entrée de service LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1213 msgid "Default: ipService" msgstr "Par défaut : ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1219 msgid "ldap_service_name (string)" msgstr "ldap_service_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1222 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" "L'attribut LDAP qui contient le nom des attributs de service et de leurs " "alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1232 msgid "ldap_service_port (string)" msgstr "ldap_service_port (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1235 msgid "The LDAP attribute that contains the port managed by this service." msgstr "L'attribut LDAP qui contient le port géré par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1239 msgid "Default: ipServicePort" msgstr "Par défaut : ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1245 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1248 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "L'attribut LDAP qui contient les protocoles compris par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1252 msgid "Default: ipServiceProtocol" msgstr "Par défaut : ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1258 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1263 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1266 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " "is entered)" msgstr "" "Définit le délai d'attente (en secondes) autorisé pour les recherches LDAP " "avant annulation et utilisation des résultats contenus dans le cache (et " "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1272 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " "lookup types." msgstr "" "Note : cette option est susceptible de changer dans les prochaines version " "de SSSD. Elle sera sûrement remplacée par une série de délais d'attente pour " "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1284 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1287 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " "are returned (and offline mode is entered)" msgstr "" "Définit le délai d'attente (en secondes) autorisé pour les recherches LDAP " "sur les utilisateurs et groupes avant annulation et utilisation des " "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1300 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1303 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" "<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" "manvolnum> </citerefentry> following a <citerefentry> " "<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" "citerefentry> returns in case of no activity." msgstr "" "Définit le délai d'attente (en secondes) après lequel les fonctions " "<citerefentry> <refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " "</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> " "<manvolnum>2</manvolnum> </citerefentry> suivant un <citerefentry> " "<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1326 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1329 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " "communicating with the KDC in case of SASL bind, the timeout of an LDAP bind " "operation, password change extended operation and the StartTLS operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1344 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1347 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " "in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " "the TGT lifetime) will be used." msgstr "" "Spécifie un délai d'attente (en secondes) pendant laquelle une connexion à " "un serveur LDAP est maintenue. Passé ce délai, la connexion devra être " "rétablie. Si ce paramètre est utilisé en parallèle avec SASL/GSSAPI, la plus " "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1355 sssd-ldap.5.xml:2433 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1361 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1364 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" "Définit le nombre d'enregistrements à récupérer lors d'une requête LDAP. " "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1369 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1375 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1378 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " "it is not enabled or does not behave properly." msgstr "" "Désactiver le contrôle de pagination LDAP. Cette option doit être utilisée " "si le serveur LDAP signale qu'il prend en charge le contrôle de pagination " "LDAP de l'objet RootDSE, mais qu'il n'est pas activé ou ne se comporte pas " "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1384 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" "Exemple : le serveurs OpenLDAP avec le module de contrôle de pagination " "installé sur le serveur mais non activé le signaleront dans RootDSE mais il " "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1390 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " "requests being denied." msgstr "" "Exemple : 389 DS a un bogue où il ne peut que soutenir qu'un seul contrôle " "de pagination à la fois sur une connexion donnée. Sur les clients chargés, " "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1402 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1405 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1408 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " "group contains more members, the reply would include an AD-specific range " "extension. This option disables parsing of the range extension, therefore " "large groups will appear as having no members." msgstr "" "Active Directory limite le nombre de membres à récupérer par recherche à " "l'aide de la stratégie MaxValRange (qui prend la valeur par défaut de 1500 " "membres). Si un groupe contient plus de membres, la réponse inclura une " "extension de plage spécifique à Active Directory. Cette option désactive " "l'analyse de cette extension de plage, les groupes de grande taille " "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1423 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1426 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " "option are defined by OpenLDAP." msgstr "" "Lors de la communication avec un serveur LDAP en utilisant SASL, spécifie le " "niveau de sécurité minimal nécessaire pour établir la connexion. Les valeurs " "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1432 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1439 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1442 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " "they are looked up individually." msgstr "" "Définit le nombre de membres du groupe qui doivent manquer au sein du cache " "interne afin de déclencher une recherche de déréférencement. Si le nombre de " "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1448 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" "Vous pouvez désactiver complètement les recherches de déréférencement en " "affectant la valeur 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1452 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " "methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " "Directory." msgstr "" "Une recherche de déréférencement est un moyen pour récupérer tous les " "membres d'un groupe avec un seul appel LDAP. Plusieurs serveurs LDAP peuvent " "avoir différentes méthodes de déréférencement. Les serveurs actuellement " "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1460 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " "regardless of this setting." msgstr "" "<emphasis>Remarque :</emphasis> Si l'une des bases de recherche spécifie un " "filtre de recherche, alors l'amélioration de la performance de recherche de " "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1473 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1476 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" "Définit les vérifications à effectuer sur les certificats serveur sur une " "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1482 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" "<emphasis>never</emphasis> : le client ne demandera ni ne vérifiera un " "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1486 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, it will be ignored and the session proceeds normally." msgstr "" "<emphasis>allow</emphasis> : le certificat serveur est demandé. Si aucun " "certificat n'est fournit, la session continue normalement. Si un mauvais " "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1493 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, the session is immediately terminated." msgstr "" "<emphasis>try</emphasis> : le certificat serveur est demandé. Si aucun " "certificat n'est fourni, la session continue normalement. Si un mauvais " "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1499 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " "immediately terminated." msgstr "" "<emphasis>demand</emphasis> : le certificat serveur est demandé. Si aucun " "certificat ou un mauvais certificat est fourni, la session se termine " "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1505 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1509 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1515 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1518 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" "Définit le fichier qui contient les certificats pour toutes les autorités de " "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1523 sssd-ldap.5.xml:1541 sssd-ldap.5.xml:1582 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" "Par défaut : utilise les paramètres par défaut de OpenLDAP, en général dans " "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1530 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1533 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " "be the hash of the certificate followed by '.0'. If available, " "<command>cacertdir_rehash</command> can be used to create the correct names." msgstr "" "Spécifie le chemin d'un dossier qui contient les certificats de l'autorité " "de certificats dans des fichiers séparés. Usuellement, les noms de fichiers " "sont la somme de contrôle du certificat suivi de « .0 ». Si disponible, " "<command>cacertdir_rehash</command> peut être utilisé pour créer les noms " "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1548 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1551 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1561 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1564 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1573 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1576 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> for format." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1589 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1592 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" "Définit le fait que le fournisseur d'identité de connexion doit aussi " "utiliser <systemitem class=\"protocol\">tls</systemitem> pour protéger le " "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1602 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1605 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " "on ldap_user_uid_number and ldap_group_gid_number." msgstr "" "Indique que SSSD doit tenter de trouver les correspondances des ID " "d'utilisateur et de groupe dans les attributs ldap_user_objectsid et " "ldap_group_objectsid au lieu d'utiliser ldap_user_uid_number et " "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1611 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1621 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1624 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " "ldap_group_gid_number is unbound. In a setup with sub/trusted-domains this " "might lead to ID collisions. To avoid collisions ldap_min_id and ldap_max_id " "can be set to restrict the allowed range for the IDs which are read directly " "from the server. Sub-domains can then pick other ranges to map IDs." msgstr "" "Au contraire de la mise en correspondance d'identifiants s'appuyant sur les " "SID utilisée si ldap_id_mapping est positionné à true, les plages " "d'identifiants autorisés pour ldap_user_uid_number et ldap_group_gid_number " "n'ont pas de limite. Dans une configuration avec des sous-domaines ou des " "domaines approuvés, cela peut engendrer des collisions. Pour les éviter, " "ldap_min_id et ldap_max_id peuvent être configurés afin de restreindre les " "plages d'identifiants autorisées lues directement depuis le serveur. Les " "sous-domaines peuvent ensuite choisir d'autres plages pour leurs propres " "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1636 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1642 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1645 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" "Définit le mécanisme SASL à utiliser. Actuellement, seul GSSAPI est testé et " "pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1655 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1658 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " "This option can either contain the full principal (for example host/" "myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" "Définit l'identité à utiliser pour l'autorisation SASL. Lorsque GSSAPI est " "utilisé, c'est l'identifiant Kerberos principal utilisé pour s'authentifier " "à l'annuaire. Cette option peut soit contenir le principal complet (par " "exemple host/myhost@EXAMPLE.COM), soit juste le nom du principal (par " "exemple host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1666 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1672 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1675 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " "well, this option is ignored." msgstr "" "Spécifie le domaine SASL à utiliser. Si non spécifié, cette option prend par " "défaut la valeur de krb5_realm. Si le ldap_sasl_authid contient aussi le " "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1681 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1687 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1690 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" "Si true, la bibliothèque LDAP effectue une recherche inversée pour canoniser " "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1695 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1701 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1704 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1707 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1713 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1716 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " "GSSAPI." msgstr "" "Définit le fait que le fournisseur d'identité doit initialiser les données " "d'identification Kerberos (TGT). Cette action est effectuée seulement si " "SASL est utilisé et que le mécanisme choisi est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1728 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1731 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1735 sssd-ad.5.xml:914 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1741 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1744 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " "For more information on failover and server redundancy, see the " "<quote>FAILOVER</quote> section. An optional port number (preceded by a " "colon) may be appended to the addresses or hostnames. If empty, service " "discovery is enabled - for more information, refer to the <quote>SERVICE " "DISCOVERY</quote> section." msgstr "" "Spécifie par ordre de préférence la liste séparée par des virgules des " "adresses IP ou des noms de systèmes des serveurs Kerberos auquel SSSD doit " "se connecter. Pour plus d'informations sur la redondance de bascule et la " "redondance de serveur, consulter la section <quote>BASCULE</quote>. Un " "numéro de port facultatif (précédé de deux-points) peut être ajouté aux " "adresses ou aux noms de systèmes. Si vide, la découverte de services est " "activée - pour plus d'informations, se reporter à la section de " "<quote>DÉCOUVERTE DE SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1756 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " "none are found." msgstr "" "Lors de l'utilisation de découverte de services pour le KDC ou les serveurs " "kpasswd, SSSD recherche en premier les entrées DNS qui définissent _udp " "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1761 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " "migrate their config files to use <quote>krb5_server</quote> instead." msgstr "" "Cette option s'appelait <quote>krb5_kdcip</quote> dans les versions " "précédentes de SSSD. Bien que ce nom soit toujours reconnu à l'heure " "actuelle, il est conseillé de migrer les fichiers de configuration vers " "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1770 sssd-ipa.5.xml:432 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1773 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1776 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1782 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1785 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" "Spécifie si le principal de l'hôte doit être rendu canonique lors de la " "connexion au serveur LDAP. Cette fonctionnalité est disponible avec MIT " "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1797 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1800 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " "to configure the Kerberos library using the <citerefentry> " "<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> configuration file." msgstr "" "Indique si SSSD doit préciser aux bibliothèques Kerberos quels domaine et " "KDC utiliser. Cette option est activée par défaut, si elle est désactivée, " "la bibliothèque Kerberos doit être configurée à l'aide du fichier de " "configuration <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1811 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " "information on the locator plugin." msgstr "" "Consulter la page de manuel de <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry> pour plus d'informations sur le greffon de " "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1825 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1828 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" "Détermine la politique d'expiration des mots de passe côté client. Les " "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1833 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" "<emphasis>none</emphasis> : aucun évaluation du côté client. Cette option ne " "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1838 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " "evaluate if the password has expired." msgstr "" "<emphasis>shadow</emphasis> - Utiliser les attributs de style " "<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1844 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" "<emphasis>mit_kerberos</emphasis> : utilise les attributs utilisés par MIT " "Kerberos pour déterminer si le mot de passe a expiré. Utiliser " "chpass_provider=krb5 afin de modifier ces attributs lorsque le mot de passe " "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1853 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" "<emphasis>Note</emphasis> : si une politique de mots de passe est configurée " "côté serveur, elle prend le pas sur la politique indiquée avec cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1861 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1864 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1868 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" "Veuillez noter que sssd ne supporte que le déréférencement que lorsqu'il est " "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1873 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " "does not in fact require the use of referrals, setting this option to false " "might bring a noticeable performance improvement." msgstr "" "La déréférenciation de références peut subir une altération notable des " "performances dans les environnements qui les utilisent fortement, un exemple " "notable étant Microsoft Active Directory. Si votre installation ne nécessite " "pas l'utilisation des références, affecter false à cette option devrait " "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1887 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1890 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1894 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1900 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1903 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser pour trouver un serveur LDAP autorisant " "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1908 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1914 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1917 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" "Spécifie s'il faut mettre à jour l'attribut ldap_user_shadow_last_change " "avec le nombre de jours depuis Epoch après l'opération de changement de mot " "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1929 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1932 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " "must be met for the user to be granted access on this host. If " "access_provider = ldap, ldap_access_order = filter and this option is not " "set, it will result in all users being denied access. Use access_provider = " "permit to change this default behavior. Please note that this filter is " "applied on the LDAP user entry only and thus filtering based on nested " "groups may not work (e.g. memberOf attribute on AD entries points only to " "direct parents). If filtering based on nested groups is required, please see " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1952 msgid "Example:" msgstr "Exemple :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #: sssd-ldap.5.xml:1955 #, no-wrap msgid "" "access_provider = ldap\n" "ldap_access_filter = (employeeType=admin)\n" " " msgstr "" "access_provider = ldap\n" "ldap_access_filter = (employeeType=admin)\n" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1959 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" "Cet exemple signifie que l'accès à cet hôte est restreint aux utilisateurs " "dont l'attribut employeeType est « admin »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1964 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " "access during their last login, they will continue to be granted access " "while offline and vice versa." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2029 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1978 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1981 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" "Avec cette option une évaluation du côté client des contrôles d'accès peut " "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1985 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " "even if the password is correct." msgstr "" "Veuillez noter qu'il est toujours recommandé d'utiliser un contrôle d'accès " "du côté serveur, c'est-à-dire que le serveur LDAP doit refuser une requête " "de connexion avec un code erreur approprié même si le mot de passe est " "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1992 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1995 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" "<emphasis>shadow</emphasis> : utiliser la valeur de ldap_user_shadow_expire " "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2000 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " "set. If the attribute is missing access is granted. Also the expiration time " "of the account is checked." msgstr "" "<emphasis>ad</emphasis> : utilise la valeur du champ 32 bits " "ldap_user_ad_user_account_control et autorise l'accès si le deuxième bit " "n'est pas défini. Si l'attribut est manquant, l'accès est autorisé. La date " "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2007 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " "allowed or not." msgstr "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis> : utilise la valeur de ldap_ns_account_lock afin de vérifier si " "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2013 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " "ldap_user_nds_login_expiration_time are used to check if access is allowed. " "If both attributes are missing access is granted." msgstr "" "<emphasis>nds</emphasis> : les valeurs de " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled et " "ldap_user_nds_login_expiration_time sont utilisées pour vérifier si l'accès " "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2022 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " "ldap_account_expire_policy option to work." msgstr "" "Noter que l'option de configuration ldap_access_order <emphasis>doit</" "emphasis> inclure <quote>expire</quote> de façon à permettre à l'option " "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2035 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2038 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2042 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2045 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " "and has value of '000001010000Z'. Please see the option ldap_pwdlockout_dn. " "Please note that 'access_provider = ldap' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2055 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2062 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " "and has value of '000001010000Z' or represents any time in the past. The " "value of the 'pwdAccountLockedTime' attribute must end with 'Z', which " "denotes the UTC time zone. Other time zones are not currently supported and " "will result in \"access-denied\" when users attempt to log in. Please see " "the option ldap_pwdlockout_dn. Please note that 'access_provider = ldap' " "must be set for this feature to work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2079 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2083 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " "interested in being warned that password is about to expire and " "authentication is based on using a different method than passwords - for " "example SSH keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2093 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " "pwd_expire_policy_warn - user is still able to log in, " "pwd_expire_policy_renew - user is prompted to change his password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2101 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2105 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2110 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" "<emphasis>authorized_service</emphasis> : utiliser l'attribut " "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2115 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2119 #, fuzzy #| msgid "" #| "<emphasis>host</emphasis>: use the host attribute to determine access" msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2123 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2128 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2131 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" "Veuillez noter qu'une valeur utilisée plusieurs fois résulte en une erreur " "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2138 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2141 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " "lockout checking will yield access denied as ppolicy attributes on LDAP " "server cannot be checked properly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2149 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple : cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2152 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2158 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2161 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" "Définit comment le déréférencement de l'alias est effectué lors d'une " "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2166 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2170 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" "<emphasis>searching</emphasis> : Les alias sont déréférencés comme des " "subordonnés de l'objet de base, mais pas en localisant l'objet de base de la " "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2175 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" "<emphasis>finding</emphasis> : les alias sont seulement déréférencés lors de " "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2180 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" "<emphasis>always</emphasis> : les alias sont déréférencés à la fois pour la " "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2185 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" "Par défaut : vide (ceci est traité comme <emphasis>never</emphasis> par les " "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2193 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2196 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" "Permet de conserver les utilisateurs locaux en tant que membres d'un groupe " "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2200 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " "The self-consistency of the domain is compromised when this is done, so SSSD " "would normally remove the \"missing\" users from the cached group " "memberships as soon as nsswitch tries to fetch information about the user " "via getpw*() or initgroups() calls." msgstr "" "Dans certains environnements où le schéma RFC2307 est utilisé, les " "utilisateurs locaux deviennent membres du groupes LDAP en ajoutant leurs " "noms à l'attribut memberUid. La cohérence du domaine est compromise quand " "cela est fait, SSSD supprimerait normalement les utilisateurs « disparus » " "des appartenances aux groupes mises en cache dès que nsswitch essaie de " "récupérer des informations sur l'utilisateur via des appels à getpw*() ou " "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2211 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " "additional LDAP groups." msgstr "" "Cette option vérifie en dernier recours si les utilisateurs locaux sont " "référencés et les met en cache afin que des appels ultérieurs à initgoups() " "ajoutent les utilisateurs locaux aux groupes LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2223 sssd-ifp.5.xml:136 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "wildcard_limit (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2226 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2230 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2234 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " "of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for full details. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" "Toutes les options de configuration communes appliquées aux domaines SSSD " "s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS DE " "DOMAINE</quote> dans la page de manuel <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2244 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2246 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2257 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2260 msgid "The object class of a sudo rule entry in LDAP." msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2263 msgid "Default: sudoRole" msgstr "Par défaut : sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2269 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2272 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2282 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2285 msgid "The LDAP attribute that corresponds to the command name." msgstr "L'attribut LDAP qui correspond au nom de la commande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2289 msgid "Default: sudoCommand" msgstr "Par défaut : sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2295 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2298 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" "L'attribut LDAP qui correspond au nom d'hôte (ou adresse IP de l'hôte, " "réseau IP de l'hôte ou netgroup de l'hôte)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2303 msgid "Default: sudoHost" msgstr "Par défaut : sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2309 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2312 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" "L'attribut LDAP qui correspond au nom d'utilisateur (ou UID, le nom du " "groupe ou netgroup de l'utilisateur)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2316 msgid "Default: sudoUser" msgstr "Par défaut : sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2322 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2325 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "L'attribut LDAP qui correspond aux options sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2329 msgid "Default: sudoOption" msgstr "Par défaut : sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2335 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2338 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" "L'attribut LDAP qui correspond aux commandes peuvent être exécutées sous le " "nom d'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2342 msgid "Default: sudoRunAsUser" msgstr "Par défaut : sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2348 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2351 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" "L'attribut LDAP qui correspond au nom du groupe ou GID du groupe sous lequel " "les commandes seront être exécutées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2355 msgid "Default: sudoRunAsGroup" msgstr "Par défaut : sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2361 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2364 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" "L'attribut LDAP qui correspond à la date/heure de début pour laquelle la " "règle sudo est valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2368 msgid "Default: sudoNotBefore" msgstr "Par défaut : sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2374 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2377 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" "L'attribut LDAP qui correspond à la date/heure d'expiration, après quoi la " "règle sudo ne sera plus valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2382 msgid "Default: sudoNotAfter" msgstr "Par défaut : sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2388 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2391 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2395 msgid "Default: sudoOrder" msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2401 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2404 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" "La durée en secondes pendant laquelle SSSD va attendre entre deux " "actualisations complètes des règles de sudo (qui téléchargent toutes les " "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2409 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" "La valeur doit être supérieure à <emphasis>ldap_sudo_smart_refresh_interval</" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2414 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2420 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2423 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " "of cached rules)." msgstr "" "La durée en secondes pendant laquelle SSSD doit attendre avant d'exécuter " "une actualisation intelligente des règles sudo (qui télécharge toutes les " "règles qui ont un USN supérieur à l'USN le plus élevé des règles mises en " "cache)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2429 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" "Si les attributs USN ne sont pas pris en charge par le serveur, l'attribut " "modifyTimestamp est utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2439 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2442 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" "Si true, SSSD téléchargera les seules règles qui s'appliquent à cette " "machine (à l'aide de l'adresse de système ou de réseau IPv4 ou IPv6 et des " "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2453 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2456 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" "Liste séparés par des espaces des noms de systèmes ou de domaines qui " "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2461 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" "Si cette option est vide, SSSD va essayer de découvrir automatiquement le " "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2466 sssd-ldap.5.xml:2489 sssd-ldap.5.xml:2507 #: sssd-ldap.5.xml:2525 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" "Si <emphasis>ldap_sudo_use_host_filter</emphasis> est <emphasis>false</" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2471 sssd-ldap.5.xml:2494 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2477 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2480 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" "Liste séparés par des espaces d'adresses de système ou de réseaux IPv4 ou " "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2485 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" "Si cette option est vide, SSSD va essayer de découvrir les adresses " "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2500 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2503 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" "Si elle est vraie alors SSSD téléchargera toutes les règles qui contient un " "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2518 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2521 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" "Si positionnée à true, SSSD téléchargera toutes les règles qui contiennent " "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2537 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" "Cette page de manuel décrit uniquement le mappage de noms d'attribut. Pour " "une explication détaillée des sémantiques d'attributs relatives à sudo, cf. " "<citerefentry><refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2547 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2549 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2555 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2558 msgid "The name of the automount master map in LDAP." msgstr "Le nom de la table de montage automatique maîtresse dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2561 msgid "Default: auto.master" msgstr "Par défaut : auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2568 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2571 msgid "The object class of an automount map entry in LDAP." msgstr "" "La classe d'objet d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2574 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2582 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2585 msgid "The name of an automount map entry in LDAP." msgstr "Le nom d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2588 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2596 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2599 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2604 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2612 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2615 sssd-ldap.5.xml:2630 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" "La clé d'une entrée de montage automatique dans LDAP. L'entrée correspond " "généralement à un point de montage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2619 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2627 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2634 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2553 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2645 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2652 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2657 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2662 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> #: sssd-ldap.5.xml:2667 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> #: sssd-ldap.5.xml:2669 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " "memberships, even with no GID mapping. It is recommended to disable this " "feature, if group names are not being displayed correctly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> #: sssd-ldap.5.xml:2676 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2678 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2683 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2647 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " "are doing. <placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2698 sssd-simple.5.xml:131 sssd-ipa.5.xml:717 #: sssd-ad.5.xml:1018 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:71 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2700 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " "section." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et que LDAP " "pointe sur un des domaines de la section <replaceable>[domains]</" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ldap.5.xml:2706 #, no-wrap msgid "" "[domain/LDAP]\n" "id_provider = ldap\n" "auth_provider = ldap\n" "ldap_uri = ldap://ldap.mydomain.org\n" "ldap_search_base = dc=mydomain,dc=org\n" "ldap_tls_reqcert = demand\n" "cache_credentials = true\n" msgstr "" "[domain/LDAP]\n" "id_provider = ldap\n" "auth_provider = ldap\n" "ldap_uri = ldap://ldap.mydomain.org\n" "ldap_search_base = dc=mydomain,dc=org\n" "ldap_tls_reqcert = demand\n" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> #: sssd-ldap.5.xml:2705 sssd-ldap.5.xml:2723 sssd-simple.5.xml:139 #: sssd-ipa.5.xml:725 sssd-ad.5.xml:1026 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:78 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2717 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2719 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ldap.5.xml:2724 #, no-wrap msgid "" "[domain/LDAP]\n" "id_provider = ldap\n" "auth_provider = ldap\n" "access_provider = ldap\n" "ldap_access_order = lockout\n" "ldap_pwdlockout_dn = cn=ppolicy,ou=policies,dc=mydomain,dc=org\n" "ldap_uri = ldap://ldap.mydomain.org\n" "ldap_search_base = dc=mydomain,dc=org\n" "ldap_tls_reqcert = demand\n" "cache_credentials = true\n" msgstr "" "[domain/LDAP]\n" "id_provider = ldap\n" "auth_provider = ldap\n" "access_provider = ldap\n" "ldap_access_order = lockout\n" "ldap_pwdlockout_dn = cn=ppolicy,ou=policies,dc=mydomain,dc=org\n" "ldap_uri = ldap://ldap.mydomain.org\n" "ldap_search_base = dc=mydomain,dc=org\n" "ldap_tls_reqcert = demand\n" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2739 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 #: sssd-ad.5.xml:1041 sssd.8.xml:195 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2741 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " "distribution." msgstr "" "Les descriptions de quelques unes des options de configuration des pages de " "manuel sont basées sur le manuel de <citerefentry> <refentrytitle>ldap.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> de la distribution " "de OpenLDAP 2.4." #. type: Content of: <reference><refentry><refnamediv><refname> #: pam_sss.8.xml:11 pam_sss.8.xml:16 msgid "pam_sss" msgstr "pam_sss" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: pam_sss.8.xml:17 msgid "PAM module for SSSD" msgstr "Module PAM pour SSSD" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: pam_sss.8.xml:22 msgid "" "<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" "replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" "replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" "replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" "replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" "arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> </" "arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </" "arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg> <arg " "choice='opt'> <replaceable>allow_missing_name</replaceable> </arg> <arg " "choice='opt'> <replaceable>prompt_always</replaceable> </arg>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:58 msgid "" "<command>pam_sss.so</command> is the PAM interface to the System Security " "Services daemon (SSSD). Errors and results are logged through " "<command>syslog(3)</command> with the LOG_AUTHPRIV facility." msgstr "" "<command>pam_sss.so</command> est l'interface PAM pour le démon des services " "de sécurité système (SSSD). Les erreurs et résultats sont journalisés par " "<command>syslog(3)</command> avec l'argument LOG_AUTHPRIV." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:68 msgid "<option>quiet</option>" msgstr "<option>quiet</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:71 msgid "Suppress log messages for unknown users." msgstr "Supprimer les messages de journal pour les utilisateurs inconnus." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:76 msgid "<option>forward_pass</option>" msgstr "<option>forward_pass</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:79 msgid "" "If <option>forward_pass</option> is set the entered password is put on the " "stack for other PAM modules to use." msgstr "" "Si <option>forward_pass</option> est défini, le mot de passe saisi est " "inséré en mémoire pour les autres modules PAM utilisés." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:86 msgid "<option>use_first_pass</option>" msgstr "<option>use_first_pass</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:89 msgid "" "The argument use_first_pass forces the module to use a previous stacked " "modules password and will never prompt the user - if no password is " "available or the password is not appropriate, the user will be denied access." msgstr "" "L'argument use_first_pass force le module à utliser un module de mot de " "passe déjà en mémoire et n'en fera jamais la demande à l'utilisateur. Si " "aucun mot de passe n'est disponible ou que celui-ci n'est pas approprié, " "l'utilisateur verra son accès refusé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:97 msgid "<option>use_authtok</option>" msgstr "<option>use_authtok</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:100 msgid "" "When password changing enforce the module to set the new password to the one " "provided by a previously stacked password module." msgstr "" "Lorsque le changement de mot de passe force le module à modifier le mot de " "passe par celui fourni par un module de mot de passe déjà chargé en mémoire." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:107 msgid "<option>retry=N</option>" msgstr "<option>retry=N</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:110 msgid "" "If specified the user is asked another N times for a password if " "authentication fails. Default is 0." msgstr "" "Si définit, on demande le mot de passe à l'utilisateur encore N fois si " "l'authentification échoue. Par défaut : 0." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:112 msgid "" "Please note that this option might not work as expected if the application " "calling PAM handles the user dialog on its own. A typical example is " "<command>sshd</command> with <option>PasswordAuthentication</option>." msgstr "" "Veuillez noter que cette option peut ne pas fonctionner comme attendu si " "l'application qui appelle PAM gère lui-même les dialogues avec " "l'utilisateur. Un exemple typique est <command>sshd</command> avec " "<option>PasswordAuthentication</option>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:121 msgid "<option>ignore_unknown_user</option>" msgstr "<option>ignore_unknown_user</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:124 msgid "" "If this option is specified and the user does not exist, the PAM module will " "return PAM_IGNORE. This causes the PAM framework to ignore this module." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:131 msgid "<option>ignore_authinfo_unavail</option>" msgstr "<option>ignore_authinfo_unavail</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:135 msgid "" "Specifies that the PAM module should return PAM_IGNORE if it cannot contact " "the SSSD daemon. This causes the PAM framework to ignore this module." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:142 msgid "<option>domains</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:146 msgid "" "Allows the administrator to restrict the domains a particular PAM service is " "allowed to authenticate against. The format is a comma-separated list of " "SSSD domain names, as specified in the sssd.conf file." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:152 msgid "" "NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> " "and <quote>pam_public_domains</quote> options. Please see the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for more information on these two PAM " "responder options." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:166 msgid "<option>allow_missing_name</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:170 msgid "" "The main purpose of this option is to let SSSD determine the user name based " "on additional information, e.g. the certificate from a Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: pam_sss.8.xml:180 #, no-wrap msgid "" "auth sufficient pam_sss.so allow_missing_name\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:175 msgid "" "The current use case are login managers which can monitor a Smartcard reader " "for card events. In case a Smartcard is inserted the login manager will call " "a PAM stack which includes a line like <placeholder type=\"programlisting\" " "id=\"0\"/> In this case SSSD will try to determine the user name based on " "the content of the Smartcard, returns it to pam_sss which will finally put " "it on the PAM stack." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:190 msgid "<option>prompt_always</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:194 msgid "" "Always prompt the user for credentials. With this option credentials " "requested by other PAM modules, typically a password, will be ignored and " "pam_sss will prompt for credentials again. Based on the pre-auth reply by " "SSSD pam_sss might prompt for a password, a Smartcard PIN or other " "credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:207 msgid "MODULE TYPES PROVIDED" msgstr "TYPES DE MODULES FOURNIS" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:208 msgid "" "All module types (<option>account</option>, <option>auth</option>, " "<option>password</option> and <option>session</option>) are provided." msgstr "" "Tous les types de module (<option>account</option>, <option>auth</option>, " "<option>password</option> et <option>session</option>) sont fournis." #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:214 msgid "FILES" msgstr "FICHIERS" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:215 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " "This message can e.g. contain instructions about how to reset a password." msgstr "" "Si une réinitialisation par root d'un mot de passe échoue parce que le " "fournisseur SSSD correspondant ne prend pas en charge la réinitialisation de " "mot de passe, un message spécifique peut être affiché. Ce message peut, par " "exemple, contenir les instructions permettant la réinitialisation." #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:220 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " "<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" "citerefentry>. If there is no matching file the content of " "<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " "the owner of the files and only root may have read and write permissions " "while all other users must have only read permissions." msgstr "" "Le message est lu depuis le fichier <filename>pam_sss_pw_reset_message.LOC</" "filename> où LOC représente une chaîne de paramètres régionaux retournée par " "<citerefentry><refentrytitle>setlocale</refentrytitle> <manvolnum>3</" "manvolnum></citerefentry>. Si il n'y a aucun fichier correspondant, le " "contenu de <filename>pam_sss_pw_reset_message.txt</filename> est affiché. " "L'utilisateur root doit être le propriétaire des fichiers et seul root peut " "avoir les autorisations en lecture et en écriture alors que tous les autres " "utilisateurs doivent avoir les autorisations en lecture seule." #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:230 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " "displayed." msgstr "" "Ces fichiers sont recherchés dans le dossier <filename>/etc/sssd/customize/" "NOM_DE_DOMAINE/</filename>. Si aucun fichier correspondant n'est présent, un " "message spécifique est affiché." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 msgid "sssd_krb5_locator_plugin" msgstr "sssd_krb5_locator_plugin" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd_krb5_locator_plugin.8.xml:16 msgid "Kerberos locator plugin" msgstr "Greffon de localisation Kerberos" #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " "used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " "libraries what Realm and which KDC to use. Typically this is done in " "<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> which is always read by the Kerberos libraries. " "To simplify the configuration the Realm and the KDC can be defined in " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> as described in <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" "Le greffon de localisation Kerberos <command>sssd_krb5_locator_plugin</" "command> est utilisé par le fournisseur Kerberos de " "<citerefentry><refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> pour indiquer aux bibliothèques Kerberos quel domaine et quel " "KDC à utiliser. En général, cela se fait en " "<citerefentry><refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> qui est toujours lu par les bibliothèques de " "Kerberos. Pour simplifier la configuration, le Domaine et le KDC peuvent " "être définis dans <citerefentry><refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> comme indiqué dans " "<citerefentry><refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:48 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry> puts the Realm and the name or IP address of the KDC into " "the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " "When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " "libraries it reads and evaluates these variables and returns them to the " "libraries." msgstr "" "<citerefentry><refentrytitle>SSSD</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> met le nom de domaine et le nom ou adresse IP du KDC dans les " "variables d'environnement SSSD_KRB5_REALM et SSSD_KRB5_KDC respectivement. " "Lorsque <command>sssd_krb5_locator_plugin</command> est appelé par les " "bibliothèques de kerberos, il lit et évalue ces variables et les transmet " "aux bibliothèques." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:63 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " "you have to edit /etc/krb5.conf to reflect your Kerberos setup." msgstr "" "Toutes les versions de Kerberos ne prennent en charge l'utilisation de " "greffons. Si <command>sssd_krb5_locator_plugin</command> n'est pas présent " "sur votre système, il faut modifier /etc/krb5.conf pour s'adapter à la " "configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:69 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" "Si la variable d'environnement SSSD_KRB5_LOCATOR_DEBUG a une valeur " "quelconque, des messages de débogage seront envoyés sur la sortie standard " "d'erreur." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:73 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" msgstr "sssd-simple" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-simple.5.xml:17 msgid "the configuration file for SSSD's 'simple' access-control provider" msgstr "" "le fichier de configuration pour le fournisseur de contrôle d'accès « " "simple » de SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:24 msgid "" "This manual page describes the configuration of the simple access-control " "provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " "refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du fournisseur de contrôle " "d'accès simple de <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>. Pour plus de détails sur la " "syntaxe, cf. la section <quote>FORMAT DE FICHIER</quote> de la page de " "manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:38 msgid "" "The simple access provider grants or denies access based on an access or " "deny list of user or group names. The following rules apply:" msgstr "" "Le fournisseur d'accès simple autorise les accès à partir de listes " "d'autorisation ou de refus de noms d'utilisateurs ou de groupes. Les règles " "suivantes s'appliquent :" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:43 msgid "If all lists are empty, access is granted" msgstr "Si toutes les listes sont vides, l'accès est autorisé" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:47 msgid "" "If any list is provided, the order of evaluation is allow,deny. This means " "that any matching deny rule will supersede any matched allow rule." msgstr "" "Si une liste est fournie, quelle qu'elle soit, l'ordre d'évaluation est " "allow,deny. Autrement dit une règle de refus écrasera une règle " "d'autorisation." #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:54 msgid "" "If either or both \"allow\" lists are provided, all users are denied unless " "they appear in the list." msgstr "" "Si la ou les listes fournies sont seulement de type « allow », tous les " "utilisateurs sont refusés à moins qu'ils ne soient dans la liste." #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:60 msgid "" "If only \"deny\" lists are provided, all users are granted access unless " "they appear in the list." msgstr "" "Si seulement les listes « deny » sont utilisées, tous les utlisateurs sont " "autorisés à moins qu'ils ne soient dans la liste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:78 msgid "simple_allow_users (string)" msgstr "simple_allow_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:81 msgid "Comma separated list of users who are allowed to log in." msgstr "" "Liste séparée par des virgules d'utilisateurs autorisés à se connecter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:88 msgid "simple_deny_users (string)" msgstr "simple_deny_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:91 msgid "Comma separated list of users who are explicitly denied access." msgstr "" "Liste séparée par des virgules d'utilisateurs dont l'accès sera refusé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:97 msgid "simple_allow_groups (string)" msgstr "simple_allow_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:100 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" "Liste séparée par des virgules de groupes autorisés à se connecter. Ceci ne " "s'applique qu'à des groupes dans un domaine SSSD. Les groupes locaux ne sont " "pas pris en compte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:108 msgid "simple_deny_groups (string)" msgstr "simple_deny_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:111 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" "Liste séparée par des virgules de groupes dont l'accès sera refusé. Ceci ne " "s'applique qu'à des groupes dans un domaine SSSD. Les groupes locaux ne sont " "pas pris en compte." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:70 sssd-ipa.5.xml:76 sssd-ad.5.xml:100 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> manual page for details on the configuration of an SSSD " "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Se référer à la section <quote>SECTIONS DE DOMAINE</quote> de la page de " "manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> pour les détails sur la configuration d'un " "domaine SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" "Specifying no values for any of the lists is equivalent to skipping it " "entirely. Beware of this while generating parameters for the simple provider " "using automated scripts." msgstr "" "Ne spécifier aucune valeur pour aucune des listes revient à l'ignorer " "complètement. Se méfier de ceci lors de la création des paramètres pour le " "fournisseur simple à l'aide automatique de scripts." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:125 msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" "Veuillez noter que la configuration simultanée de simple_allow_users et " "simple_deny_users est une erreur." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This examples shows only the simple access provider-specific options." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et que example." "com est un des domaines dans la section <replaceable>[sssd]</replaceable>. " "Ces exemples montrent seulement les options spécifiques du fournisseur " "d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-simple.5.xml:140 #, no-wrap msgid "" "[domain/example.com]\n" "access_provider = simple\n" "simple_allow_users = user1, user2\n" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:150 msgid "" "The complete group membership hierarchy is resolved before the access check, " "thus even nested groups can be included in the access lists. Please be " "aware that the <quote>ldap_group_nesting_level</quote> option may impact the " "results and should be set to a sufficient value. (<citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>) option." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss-certmap.5.xml:10 sss-certmap.5.xml:16 msgid "sss-certmap" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss-certmap.5.xml:17 msgid "SSSD Certificate Matching and Mapping Rules" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss-certmap.5.xml:23 msgid "" "The manual page describes the rules which can be used by SSSD and other " "components to match X.509 certificates and map them to accounts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss-certmap.5.xml:28 msgid "" "Each rule has four components, a <quote>priority</quote>, a <quote>matching " "rule</quote>, a <quote>mapping rule</quote> and a <quote>domain list</" "quote>. All components are optional. A missing <quote>priority</quote> will " "add the rule with the lowest priority. The default <quote>matching rule</" "quote> will match certificates with the digitalSignature key usage and " "clientAuth extended key usage. If the <quote>mapping rule</quote> is empty " "the certificates will be searched in the userCertificate attribute as DER " "encoded binary. If no domains are given only the local domain will be " "searched." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss-certmap.5.xml:41 msgid "RULE COMPONENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss-certmap.5.xml:43 msgid "PRIORITY" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:45 msgid "" "The rules are processed by priority while the number '0' (zero) indicates " "the highest priority. The higher the number the lower is the priority. A " "missing value indicates the lowest priority." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:50 msgid "" "Internally the priority is treated as unsigned 32bit integer, using a " "priority value larger than 4294967295 will cause an error." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss-certmap.5.xml:55 msgid "MATCHING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:57 msgid "" "The matching rule is used to select a certificate to which the mapping rule " "should be applied. It uses a system similar to the one used by " "<quote>pkinit_cert_match</quote> option of MIT Kerberos. It consists of a " "keyword enclosed by '<' and '>' which identified a certain part of the " "certificate and a pattern which should be found for the rule to match. " "Multiple keyword pattern pairs can be either joined with '&&' (and) " "or '||' (or)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:69 msgid "<SUBJECT>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:72 msgid "" "With this a part or the whole subject name of the certificate can be " "matched. For the matching POSIX Extended Regular Expression syntax is used, " "see regex(7) for details." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:78 msgid "" "For the matching the subject name stored in the certificate in DER encoded " "ASN.1 is converted into a string according to RFC 4514. This means the most " "specific name component comes first. Please note that not all possible " "attribute names are covered by RFC 4514. The names included are 'CN', 'L', " "'ST', 'O', 'OU', 'C', 'STREET', 'DC' and 'UID'. Other attribute names might " "be shown differently on different platform and by different tools. To avoid " "confusion those attribute names are best not used or covered by a suitable " "regular-expression." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:91 msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:96 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:99 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:104 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:109 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:112 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:116 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:117 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:118 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:119 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:120 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:121 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:122 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:123 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:124 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:128 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:132 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:137 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:140 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:144 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:145 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:146 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:147 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:148 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:149 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:150 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:151 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sss-certmap.5.xml:152 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:156 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:160 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:165 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:168 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" "Principal> does." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:173 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:178 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:181 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:185 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:190 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:193 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:197 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:202 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:205 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:213 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:216 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " "regular expression." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:222 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:227 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:230 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " "otherName components with special encodings which could not be treated as " "strings." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:237 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:242 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:245 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:248 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:253 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:256 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:259 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:264 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:267 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:270 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:275 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:278 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:283 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:288 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:291 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:294 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:299 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:302 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:305 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:310 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:313 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:316 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:321 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:324 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:328 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:66 msgid "" "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss-certmap.5.xml:336 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:338 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " "then be used to authenticate as one of those accounts." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:343 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " "this the mapping rule is based on LDAP search filter syntax with templates " "to add certificate content to the filter. It is expected that the filter " "will only contain the specific data needed for the mapping and that the " "caller will embed it in another filter to do the actual search. Because of " "this the filter string should start and stop with '(' and ')' respectively." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:353 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " "'altSecurityIdentities' attribute in AD or the 'ipaCertMapData' attribute " "for IPA can be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:359 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " "is that the user specific data in LDAP might change for various reasons " "would break the mapping. On the other hand it would be hard to break the " "mapping on purpose for a specific user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:374 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:377 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " "the '_x500' prefix should be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:383 sss-certmap.5.xml:409 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:387 sss-certmap.5.xml:413 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:391 sss-certmap.5.xml:417 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:395 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:400 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:403 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " "the '_x500' prefix should be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:421 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:426 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:429 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " "either converted to an escaped hex sequence '\\xx' or base64. The escaped " "hex sequence is the default and can e.g. be used with the LDAP attribute " "'userCertificate;binary'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:437 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:442 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:445 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " "represents the first part of the principal before the '@' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:451 sss-certmap.5.xml:479 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:456 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:459 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " "principal before the '@' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:465 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:470 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:473 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " "before the '@' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:484 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:487 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " "represents the first part of the address before the '@' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:493 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:498 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:501 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " "component represents the first part of the name before the first '.' sign." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:507 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:512 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:515 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:519 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:524 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:527 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:531 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:536 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:539 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:544 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:549 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:552 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:556 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:561 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:564 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:569 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sss-certmap.5.xml:574 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:577 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sss-certmap.5.xml:582 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:367 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " "with an optional sub-component specifier separated by a '.' or an optional " "conversion/formatting option separated by a '!'. Allowed values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss-certmap.5.xml:590 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:592 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " "as they are know by SSSD. Domains not know to SSSD will be ignored." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 msgid "sssd-ipa" msgstr "sssd-ipa" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ipa.5.xml:17 msgid "SSSD IPA provider" msgstr "Fournisseur IPA SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:23 msgid "" "This manual page describes the configuration of the IPA provider for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du fournisseur IPA pour " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. Pour une référence détaillée sur la syntaxe, veuillez " "regarder la section <quote>FORMAT DE FICHIER</quote> de la page de manuel " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:36 msgid "" "The IPA provider is a back end used to connect to an IPA server. (Refer to " "the freeipa.org web site for information about IPA servers.) This provider " "requires that the machine be joined to the IPA domain; configuration is " "almost entirely self-discovered and obtained directly from the server." msgstr "" "Le fournisseur IPA est le moteur pour se connecter à un serveur IPA. (Cf. le " "site freeipa.org pour plus d'informations sur les serveurs IPA). Ce " "fournisseur nécessite que la machine soit joignable pour le domaine IPA ; la " "configuration est presque entièrement obtenue et auto-découverte à partir du " "serveur." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:43 msgid "" "The IPA provider enables SSSD to use the <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> identity " "provider and the <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> authentication provider with " "optimizations for IPA environments. The IPA provider accepts the same " "options used by the sssd-ldap and sssd-krb5 providers with some exceptions. " "However, it is neither necessary nor recommended to set these options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:57 msgid "" "The IPA provider primarily copies the traditional ldap and krb5 provider " "default options with some exceptions, the differences are listed in the " "<quote>MODIFIED DEFAULT OPTIONS</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:62 msgid "" "As an access provider, the IPA provider uses HBAC (host-based access " "control) rules. Please refer to freeipa.org for more information about " "HBAC. No configuration of access provider is required on the client side." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:67 msgid "" "The IPA provider will use the PAC responder if the Kerberos tickets of users " "from trusted realms contain a PAC. To make configuration easier the PAC " "responder is started automatically if the IPA ID provider is configured." msgstr "" "Le fournisseur IPA utilisera le répondeur PAC si les tickets Kerberos " "d'utilisateurs de domaines Kerberos approuvés contiennent un PAC. Pour " "rendre la configuration plus facile, le répondeur PAC est démarré " "automatiquement si le fournisseur d'ID de IPA est configuré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:83 msgid "ipa_domain (string)" msgstr "ipa_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:86 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" "Définit le nom du domaine IPA. Facultatif, s'il n'est pas fourni, le nom de " "domaine de la configuration est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:94 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:97 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " "on failover and server redundancy, see the <quote>FAILOVER</quote> section. " "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" "La liste par ordre de préférence séparée par des virgules des adresses IP ou " "des noms de systèmes des serveurs IPA auxquels SSSD doit se connecter . Pour " "plus d'informations sur la redondance de serveurs et la bascule, consulter " "la section <quote>BASCULE</quote>. Ceci est facultatif si la découverte " "automatique est activée. Pour plus d'informations sur la découverte de " "services, se reporter à la section de <quote>DÉCOUVERTE DE SERVICE</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:110 msgid "ipa_hostname (string)" msgstr "ipa_hostname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:113 #, fuzzy #| msgid "" #| "Optional. May be set on machines where the hostname(5) does not reflect " #| "the fully qualified name used in the IPA domain to identify this host." msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host. The " "hostname must be fully qualified." msgstr "" "Facultatif. Peut être défini pour des machines dont le hostname(5) ne " "reflète pas le nom de domaine pleinement qualifié du domaine IPA pour " "identifier l'hôte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:122 sssd-ad.5.xml:843 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:125 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA with the IP address of this client. The update is secured " "using GSS-TSIG. The IP address of the IPA LDAP connection is used for the " "updates, if it is not otherwise specified by using the <quote>dyndns_iface</" "quote> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:134 sssd-ad.5.xml:857 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" "NOTE : Sur les systèmes plus anciens (tels que RHEL 5), afin que ce " "comportement fonctionne de façon fiable, le domaine Kerberos par défaut doit " "être défini correctement dans /etc/krb5.conf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:139 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</" "emphasis> option, users should migrate to using <emphasis>dyndns_update</" "emphasis> in their config file." msgstr "" "REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option " "<emphasis>ipa_dyndns_update</emphasis>, les utilisateurs doivent maintenant " "utiliser <emphasis>dyndns_update</emphasis> dans leur fichier de " "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:151 sssd-ad.5.xml:868 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:154 sssd-ad.5.xml:871 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " "serverside if set by an administrator." msgstr "" "Le TTL à appliquer à l'enregistrement du client DNS lors de sa mise à jour. " "Si dyndns_update a la valeur false, cela n'a aucun effet. Cela remplacera le " "TTL côté serveur s'il est défini par un administrateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:159 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</" "emphasis> option, users should migrate to using <emphasis>dyndns_ttl</" "emphasis> in their config file." msgstr "" "REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option " "<emphasis>ipa_dyndns_ttl</emphasis>, les utilisateurs doivent maintenant " "utiliser <emphasis>dyndns_ttl</emphasis> dans leur fichier de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:165 msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:171 sssd-ad.5.xml:882 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:174 sssd-ad.5.xml:885 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " "updates. Special value <quote>*</quote> implies that IPs from all interfaces " "should be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:181 msgid "" "NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</" "emphasis> option, users should migrate to using <emphasis>dyndns_iface</" "emphasis> in their config file." msgstr "" "REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option " "<emphasis>ipa_dyndns_iface</emphasis>, les utilisateurs doivent maintenant " "utiliser <emphasis>dyndns_iface</emphasis> dans leur fichier de " "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:187 msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:191 sssd-ad.5.xml:896 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:197 sssd-ad.5.xml:947 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:200 sssd-ad.5.xml:950 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " "option to 'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:206 sssd-ad.5.xml:956 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:212 msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:215 sssd-ad.5.xml:197 msgid "Enables DNS sites - location based service discovery." msgstr "Active les sites DNS - découverte de service basée sur l'emplacement" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, then the SSSD will first attempt location " "based discovery using a query that contains \"_location.hostname.example.com" "\" and then fall back to traditional SRV discovery. If the location based " "discovery succeeds, the IPA servers located with the location based " "discovery are treated as primary servers and the IPA servers located using " "the traditional SRV discovery are used as back up servers" msgstr "" "Si true et que la découverte de service (cf. le paragraphe Découverte de " "service au bas de la page de manuel) est activée, alors SSSD tentera d'abord " "une découverte basée sur l'emplacement en utilisant une requête contenant " "« _location.hostname.example.com », puis reviendra à une découverte SRV " "traditionnelle. Si la découverte basée sur l'emplacement réussit, les " "serveurs IPA ainsi découverts sont traités comme serveurs primaires, et les " "serveurs identifiés via la découverte basée sur les enregistrements SRV " "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:238 sssd-ad.5.xml:902 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:241 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " "optional and applicable only when dyndns_update is true." msgstr "" "Fréquence de mise à jour des DNS par le moteur en plus des mises à jour " "automatiques effectuées lorsque le moteur arrive en ligne. Cette option est " "facultative, et n'est applicable que lorsque l'option dyndns_update est " "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:254 sssd-ad.5.xml:920 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:257 sssd-ad.5.xml:923 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" "Selon que l'enregistrement PTR doit être explicitement mis à jour lors de la " "mise à jour des enregistrements DNS du client. Applicable uniquement lorsque " "l'option dyndns_update est configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:262 msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" "Cette option doit être positionnée à False pour la plupart des déploiements " "IPA, puisque le serveur IPA crée les enregistrements PTR automatiquement " "quand les enregistrements directs sont modifiés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:268 msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:274 sssd-ad.5.xml:934 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:277 sssd-ad.5.xml:937 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" "Selon que l'utilitaire nsupdate doit utiliser TCP par défaut pour la " "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:281 sssd-ad.5.xml:941 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:287 sssd-ad.5.xml:962 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:290 sssd-ad.5.xml:965 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:295 sssd-ad.5.xml:970 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:300 sssd-ad.5.xml:975 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:305 sssd-ad.5.xml:980 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:311 #, fuzzy #| msgid "ipa_views_search_base (string)" msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_views_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:314 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" "Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets " "HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:318 sssd-ipa.5.xml:331 msgid "Default: Use base DN" msgstr "Par défaut : utilise le DN de base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:324 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:327 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets " "HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:337 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:340 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger " "des objets." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:344 sssd-ipa.5.xml:363 sssd-ipa.5.xml:382 sssd-ipa.5.xml:401 #: sssd-ipa.5.xml:420 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" "Cf. <quote>ldap_search_base</quote> pour plus d'informations sur la " "configuration des bases de recherche multiples." #. type: Content of: <listitem><para> #: sssd-ipa.5.xml:349 sssd-ipa.5.xml:368 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:356 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:359 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour les " "mappages utilisateur SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:375 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:378 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour les " "domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:387 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:394 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:397 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche objet de " "domaine maître." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:406 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:413 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:416 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:425 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:435 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" "Le nom du domaine Kerberos. Facultatif, prend comme valeur par défaut la " "valeur de <quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:439 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" "Le nom du domaine Kerberos a une signification spéciale dans IPA. Il est " "convertit en DN de base pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:447 sssd-ad.5.xml:989 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:450 sssd-ad.5.xml:992 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:454 sssd-ad.5.xml:996 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:458 sssd-ad.5.xml:1000 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:465 #, fuzzy #| msgid "ipa_hbac_refresh (integer)" msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_hbac_refresh (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:468 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " #| "server. This will reduce the latency and load on the IPA server if there " #| "are many access-control requests made in a short period." msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " "are many desktop profiles requests made in a short period." msgstr "" "Le temps entre deux recherches de règles HBAC sur un serveur IPA. Cela " "permet de réduire le temps de latence et la charge du serveur IPA si il y a " "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:475 sssd-ipa.5.xml:505 sssd-ipa.5.xml:521 sssd-ad.5.xml:408 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:481 #, fuzzy #| msgid "ldap_sudo_full_refresh_interval (integer)" msgid "ipa_deskprofile_request_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:484 #, fuzzy #| msgid "" #| "The amount of time between lookups of the HBAC rules against the IPA " #| "server. This will reduce the latency and load on the IPA server if there " #| "are many access-control requests made in a short period." msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" "Le temps entre deux recherches de règles HBAC sur un serveur IPA. Cela " "permet de réduire le temps de latence et la charge du serveur IPA si il y a " "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:489 #, fuzzy #| msgid "Default: 900 (15 minutes)" msgid "Default: 60 (minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:495 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:498 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " "access-control requests made in a short period." msgstr "" "Le temps entre deux recherches de règles HBAC sur un serveur IPA. Cela " "permet de réduire le temps de latence et la charge du serveur IPA si il y a " "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:511 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:514 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " "many user login requests made in a short period." msgstr "" "Le temps entre les recherches de cartes SELinux sur un serveur IPA. Cela " "réduit le temps de latence et la charge du serveur IPA s'il y a beaucoup de " "requêtes de connexions utilisateurs sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:527 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:530 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:535 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:546 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:549 msgid "The automounter location this IPA client will be using" msgstr "L'emplacement à automonter qu'utilisera ce client IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:552 msgid "Default: The location named \"default\"" msgstr "Par défaut : Le lieu nommé « default »" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:560 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:569 msgid "ipa_view_class (string)" msgstr "ipa_view_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:572 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:575 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:581 msgid "ipa_view_name (string)" msgstr "ipa_view_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:584 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:594 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:597 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:600 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:606 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:609 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:613 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:619 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:622 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:627 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:630 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:633 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:636 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:639 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:642 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:645 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:648 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:653 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:659 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:662 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:667 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:670 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:673 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:678 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:562 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " "side there is basically no need to configure anything. For completeness the " "related options are listed here with their default values. <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:690 msgid "SUBDOMAINS PROVIDER" msgstr "FOURNISSEURS DE SOUS-DOMAINES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:692 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" "Le fournisseur de sous-domaines IPA se comporte un peu différemment s'il est " "configuré explicitement ou implicitement." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:696 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " "subdomain requests are sent to the IPA server if necessary." msgstr "" "Si l'option « subdomains_provider = ipa » se trouve dans la section domaine " "de sssd.conf, le fournisseur de sous-domaines d'IPA est configuré " "explicitement, et toutes les demandes de sous-domaines sont envoyées au " "serveur IPA si nécessaire." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:702 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " "provider is configured implicitly. In this case, if a subdomain request " "fails and indicates that the server does not support subdomains, i.e. is not " "configured for trusts, the IPA subdomains provider is disabled. After an " "hour or after the IPA provider goes online, the subdomains provider is " "enabled again." msgstr "" "Si l'option « subdomains_provider » n'est pas définie dans la section " "domaine de sssd.conf, mais qu'il y a l'option « id_provider = ipa », le " "fournisseur de sous-domaines IPA est configuré implicitement. Dans ce cas, " "si une demande de sous-domaine échoue et indique que le serveur ne prend pas " "en charge les sous-domaines, c'est-à-dire qu'il n'est pas configuré pour les " "relations d'approbations, le fournisseur de sous-domaines IPA est désactivé. " "Après une heure ou après que le fournisseur IPA arrive en ligne, le " "fournisseur de sous-domaines est à nouveau activé." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:719 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This examples shows only the ipa provider-specific options." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et example.com " "est un des domaines de la section <replaceable>[sssd]</replaceable>. Ces " "exemples montrent seulement les options spécifiques au fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ipa.5.xml:726 #, no-wrap msgid "" "[domain/example.com]\n" "id_provider = ipa\n" "ipa_server = ipaserver.example.com\n" "ipa_hostname = myhost.example.com\n" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ad.5.xml:10 sssd-ad.5.xml:16 msgid "sssd-ad" msgstr "sssd-ad" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ad.5.xml:17 msgid "SSSD Active Directory provider" msgstr "Fournisseur Active Directory SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:23 msgid "" "This manual page describes the configuration of the AD provider for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du fournisseur AD pour " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. Pour une référence détaillée sur la syntaxe, cf. la section " "<quote>FORMAT DE FICHIER</quote> de la page de manuel <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:36 msgid "" "The AD provider is a back end used to connect to an Active Directory server. " "This provider requires that the machine be joined to the AD domain and a " "keytab is available. Back end communication occurs over a GSSAPI-encrypted " "channel, SSL/TLS options should not be used with the AD provider and will be " "superceded by Kerberos usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:44 msgid "" "The AD provider supports connecting to Active Directory 2008 R2 or later. " "Earlier versions may work, but are unsupported." msgstr "" "Le fournisseur AD prend en charge la connexion à Active Directory 2008 R2 ou " "ultérieures. Les versions antérieures peuvent fonctionner, mais ne sont pas " "supportées." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:48 msgid "" "The AD provider can be used to get user information and authenticate users " "from trusted domains. Currently only trusted domains in the same forest are " "recognized. In addition servers from trusted domains are always auto-" "discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:54 msgid "" "The AD provider enables SSSD to use the <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> identity " "provider and the <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> authentication provider with " "optimizations for Active Directory environments. The AD provider accepts the " "same options used by the sssd-ldap and sssd-krb5 providers with some " "exceptions. However, it is neither necessary nor recommended to set these " "options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:69 msgid "" "The AD provider primarily copies the traditional ldap and krb5 provider " "default options with some exceptions, the differences are listed in the " "<quote>MODIFIED DEFAULT OPTIONS</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:74 msgid "" "The AD provider can also be used as an access, chpass, sudo and autofs " "provider. No configuration of the access provider is required on the client " "side." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ad.5.xml:85 #, no-wrap msgid "" "ldap_id_mapping = False\n" " " msgstr "" "ldap_id_mapping = False\n" " " #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:79 msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " "MAPPING</quote> section below. If you want to disable ID mapping and instead " "rely on POSIX attributes defined in Active Directory, you should set " "<placeholder type=\"programlisting\" id=\"0\"/> In order to retrieve users " "and groups using POSIX attributes from trusted domains, the AD administrator " "must make sure that the POSIX attributes are replicated to the Global " "Catalog." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:92 msgid "" "Users, groups and other entities served by SSSD are always treated as case-" "insensitive in the AD provider for compatibility with Active Directory's " "LDAP implementation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:107 msgid "ad_domain (string)" msgstr "ad_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:110 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" "Spécifie le nom du domaine Active Directory. Ceci est facultatif. S'il " "n'est pas fourni, le nom de domaine de la configuration est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:115 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" "Pour un fonctionnement correct, cette option doit être le nom long du " "domaine Active Directory, spécifié en minuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:120 msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" "Le nom de domaine court (aussi connu comme le nom NetBIOS ou nom plat) est " "autodétecté par SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:127 msgid "ad_enabled_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:130 msgid "" "A comma-separated list of enabled Active Directory domains. If provided, " "SSSD will ignore any domains not listed in this option. If left unset, all " "domains from the AD forest will be available." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:140 #, no-wrap msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:136 msgid "" "For proper operation, this option must be specified in all lower-case and as " "the fully qualified domain name of the Active Directory domain. For example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:144 msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:154 msgid "ad_server, ad_backup_server (string)" msgstr "ad_server, ad_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:157 msgid "" "The comma-separated list of hostnames of the AD servers to which SSSD should " "connect in order of preference. For more information on failover and server " "redundancy, see the <quote>FAILOVER</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:164 msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:169 msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:177 msgid "ad_hostname (string)" msgstr "ad_hostname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:180 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " "host." msgstr "" "Facultatif. Peut être défini sur les machines où le hostname(5) ne reflète " "pas le nom pleinenent qualifié utilisé dans le domaine Active Directory pour " "identifier ce système." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:186 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" "Ce champ est utilisé pour déterminer le principal d'hôte utilisé dans un " "fichier keytab. Elle doit correspondre au nom du système pour lequel a été " "publié un fichier keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:194 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:201 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " "Active Directory server to connect to using the Active Directory Site " "Discovery and fall back to the DNS SRV records if no AD site is found. The " "DNS SRV configuration, including the discovery domain, is used during site " "discovery as well." msgstr "" "Si configuré à true et que la découverte de service (cf. le paragraphe " "Découverte de service au bas de la page de manuel) est activée, SSSD tentera " "d'abord de découvrir le serveur Active Directory auquel se connecter en " "utilisant Active Directory Site Discovery, puis se repliera sur " "l'utilisation des enregistrements DNS SRV si aucun site AD n'est trouvé. La " "configuration SRV du DNS, incluant la découverte de domaine, est aussi " "utilisée pendant la découverte de site." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:217 msgid "ad_access_filter (string)" msgstr "ad_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:220 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:228 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " "The keyword can be either <quote>DOM</quote>, <quote>FOREST</quote> or " "missing." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:236 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " "keyword equals to <quote>FOREST</quote>, then the filter equals to all " "domains from the forest specified by <quote>NAME</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:244 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:249 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." "example.org: syntax to ensure the parser does not attempt to interpret the " "colon characters associated with the OID. If you do not use this OID then " "nested group membership will not be resolved. See usage example below and " "refer here for further information about the OID: <ulink url=\"https://msdn." "microsoft.com/en-us/library/cc223367.aspx\"> [MS-ADTS] section LDAP " "extensions</ulink>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:262 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" "domain filter would be applied. If there are more matches with the same " "specification, the first one is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #: sssd-ad.5.xml:273 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" "dom1:(memberOf=cn=admins,ou=groups,dc=dom1,dc=com)\n" "\n" "# apply filter on domain called dom2 only:\n" "DOM:dom2:(memberOf=cn=admins,ou=groups,dc=dom2,dc=com)\n" "\n" "# apply filter on forest called EXAMPLE.COM only:\n" "FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com)\n" "\n" "# apply filter for a member of a nested group in dom1:\n" "DOM:dom1:(memberOf:1.2.840.113556.1.4.1941:=cn=nestedgroup,ou=groups,dc=example,dc=com)\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:292 msgid "ad_site (string)" msgstr "ad_site (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:295 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:306 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:309 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " "as a fallback. Disabling this option makes the SSSD only connect to the LDAP " "port of the current AD server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:317 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " "port of trusted domains instead. However, Global Catalog must be used in " "order to resolve cross-domain group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:331 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:334 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " "permissive mode. Please note that the <quote>access_provider</quote> option " "must be explicitly set to <quote>ad</quote> in order for this option to have " "an effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:343 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to a particular host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:349 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " "(as dictated by the GPO policy settings). In order to facilitate a smooth " "transition for administrators, a permissive mode is available that will not " "enforce the access control rules, but will evaluate them and will output a " "syslog message if access would have been denied. By examining the logs, " "administrators can then make the necessary changes before setting the mode " "to enforcing." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:362 msgid "There are three supported values for this option:" msgstr "Il existe trois valeurs prises en charge pour cette option :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:366 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:372 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:378 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " "have been denied access if this option's value were set to enforcing." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:389 msgid "Default: permissive" msgstr "Par défaut : permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:392 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:398 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:401 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:414 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:417 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " "DenyInteractiveLogonRight policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:423 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:437 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:428 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for this logon right (e.g. " "<quote>login</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:441 sssd-ad.5.xml:537 sssd-ad.5.xml:583 sssd-ad.5.xml:628 #: sssd-ad.5.xml:694 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:445 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:450 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:455 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:460 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:465 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:470 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:475 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:480 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:485 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:490 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:495 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:500 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:509 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:512 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " "DenyRemoteInteractiveLogonRight policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:518 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " "Desktop Services\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:533 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:524 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for this logon right (e.g. " "<quote>sshd</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:541 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:546 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:555 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:558 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " "DenyNetworkLogonRight policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:564 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " "network\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:579 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:570 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for this logon right (e.g. " "<quote>ftp</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:587 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:592 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:601 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:604 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " "policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:610 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:624 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:615 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for this logon right (e.g. " "<quote>crond</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:632 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:641 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:644 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " "DenyServiceLogonRight policy settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:650 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:663 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:655 sssd-ad.5.xml:730 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " "to remove a PAM service name from the default set. For example, in order to " "add a custom pam service name (e.g. <quote>my_pam_service</quote>), you " "would use the following configuration: <placeholder type=\"programlisting\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:673 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:676 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:690 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:681 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " "the default set by using <quote>-service_name</quote>. For example, in " "order to replace a default PAM service name for unconditionally permitted " "access (e.g. <quote>sudo</quote>) with a custom pam service name (e.g. " "<quote>my_pam_service</quote>), you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:698 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:703 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:708 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:713 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:722 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:725 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:738 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:748 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:751 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " "option can be set in two different manners. First, this option can be set to " "use a default logon right. For example, if this option is set to " "'interactive', it means that unmapped PAM service names will be processed " "based on the InteractiveLogonRight and DenyInteractiveLogonRight policy " "settings. Alternatively, this option can be set to either always permit or " "always deny access for unmapped PAM service names." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:764 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:768 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:773 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:778 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:783 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:788 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:793 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ad.5.xml:798 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:804 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:810 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:813 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " "attempt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:819 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:825 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:828 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " "defines the interval in seconds how often the task is run. The second " "specifies the initial timeout in seconds before the task is run for the " "first time after startup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:837 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:846 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " "only needs to allow secure updates for the DNS zone. The IP address of the " "AD LDAP connection is used for the updates, if it is not otherwise specified " "by using the <quote>dyndns_iface</quote> option." msgstr "" "Facultatif. Cette option indique à SSSD de mettre à jour automatiquement le " "serveur DNS intégré à IPA v2 avec l'adresse IP de ce client. La mise à jour " "est sécurisée avec GSS-TSIG. Ainsi, l'administrateur Active Directory a " "uniquement besoin d'activer les mises à jour sécurisées pour la zone DNS. " "L'adresse IP de la connexion LDAP AD est utilisée pour les mises à jour, à " "moins qu'elle ne soit spécifiée par l'utilisation de l'option " "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:876 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:892 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:905 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " "optional and applicable only when dyndns_update is true. Note that the " "lowest possible value is 60 seconds in-case if value is provided less than " "60, parameter will assume lowest value only." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:928 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:1020 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This example shows only the AD provider-specific options." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et example.com " "est un des domaines de la section <replaceable>[sssd]</replaceable>. Ces " "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ad.5.xml:1027 #, no-wrap msgid "" "[domain/EXAMPLE]\n" "id_provider = ad\n" "auth_provider = ad\n" "access_provider = ad\n" "chpass_provider = ad\n" "\n" "ad_server = dc1.example.com\n" "ad_hostname = client.example.com\n" "ad_domain = example.com\n" msgstr "" "[domain/EXAMPLE]\n" "id_provider = ad\n" "auth_provider = ad\n" "access_provider = ad\n" "chpass_provider = ad\n" "\n" "ad_server = dc1.example.com\n" "ad_hostname = client.example.com\n" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ad.5.xml:1047 #, no-wrap msgid "" "access_provider = ldap\n" "ldap_access_order = expire\n" "ldap_account_expire_policy = ad\n" msgstr "" "access_provider = ldap\n" "ldap_access_order = expire\n" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:1043 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" "Le fournisseur de contrôle d'accès AD vérifie si le compte a expiré. Cela a " "le même effet que la configuration suivante du fournisseur LDAP : " "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:1053 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " "note that if you configure an access provider other than <quote>ad</quote>, " "you need to set all the connection parameters (such as LDAP URIs and " "encryption details) manually." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:1061 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " "are included in the default Active Directory schema." msgstr "" #. type: Content of: <reference><refentry><refmeta><refentrytitle> #: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16 sssd-session-recording.5.xml:10 msgid "sssd-sudo" msgstr "sssd-sudo" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-sudo.5.xml:17 msgid "Configuring sudo with the SSSD back end" msgstr "Configuration de sudo avec le moteur SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:23 msgid "" "This manual page describes how to configure <citerefentry> " "<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " "to work with <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules." msgstr "" "Cette page de manuel décrit comment configurer " "<citerefentry><refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> pour travailler avec <citerefentry><refentrytitle>sssd</" "refentrytitle> <manvolnum>8</manvolnum></citerefentry> et comment SSSD met " "en cache les règles sudo." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-sudo.5.xml:36 msgid "Configuring sudo to cooperate with SSSD" msgstr "Configuration de sudo pour coopérer avec SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:38 msgid "" "To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to " "the <emphasis>sudoers</emphasis> entry in <citerefentry> " "<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." msgstr "" "Pour activer SSSD comme source pour les règles de sudo, ajouter " "<emphasis>sss</emphasis> à l'entrée <emphasis>sudoers</emphasis> dans " "<citerefentry><refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:47 msgid "" "For example, to configure sudo to first lookup rules in the standard " "<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> file (which should contain rules that apply to " "local users) and then in SSSD, the nsswitch.conf file should contain the " "following line:" msgstr "" "Par exemple, pour configurer sudo pour rechercher d'abord les règles dans le " "fichier standard <citerefentry><refentrytitle>sudoers</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> (qui doit contenir les règles qui " "s'appliquent aux utilisateurs locaux) et ensuite dans SSSD, le fichier " "nsswitch.conf doit contenir la ligne suivante :" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-sudo.5.xml:57 #, no-wrap msgid "sudoers: files sss\n" msgstr "sudoers: files sss\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:61 msgid "" "More information about configuring the sudoers search order from the " "nsswitch.conf file as well as information about the LDAP schema that is used " "to store sudo rules in the directory can be found in <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>." msgstr "" "Plus d'informations sur la configuration de l'ordre de recherche de sudoers " "depuis le fichier nsswitch.conf, mais aussi les informations sur le schéma " "LDAP qui est utilisé pour stocker les règles sudo dans l'annuaire sont " "disponibles dans <citerefentry><refentrytitle>sudoers.ldap</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:70 msgid "" "<emphasis>Note</emphasis>: in order to use netgroups or IPA hostgroups in " "sudo rules, you also need to correctly set <citerefentry> " "<refentrytitle>nisdomainname</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> to your NIS domain name (which equals to IPA domain name when " "using hostgroups)." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-sudo.5.xml:82 msgid "Configuring SSSD to fetch sudo rules" msgstr "Configuration de SSSD pour aller chercher les règles de sudo" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:84 msgid "" "All configuration that is needed on SSSD side is to extend the list of " "<emphasis>services</emphasis> with \"sudo\" in [sssd] section of " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>. To speed up the LDAP lookups, you can also set " "search base for sudo rules using <emphasis>ldap_sudo_search_base</emphasis> " "option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:94 msgid "" "The following example shows how to configure SSSD to download sudo rules " "from an LDAP server." msgstr "" "L'exemple suivant montre comment configurer SSSD pour télécharger les règles " "sudo à partir d'un serveur LDAP." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-sudo.5.xml:99 #, no-wrap msgid "" "[sssd]\n" "config_file_version = 2\n" "services = nss, pam, sudo\n" "domains = EXAMPLE\n" "\n" "[domain/EXAMPLE]\n" "id_provider = ldap\n" "sudo_provider = ldap\n" "ldap_uri = ldap://example.com\n" "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n" msgstr "" "[sssd]\n" "config_file_version = 2\n" "services = nss, pam, sudo\n" "domains = EXAMPLE\n" "\n" "[domain/EXAMPLE]\n" "id_provider = ldap\n" "sudo_provider = ldap\n" "ldap_uri = ldap://example.com\n" "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:98 msgid "" "<placeholder type=\"programlisting\" id=\"0\"/> <phrase condition=" "\"have_systemd\"> It's important to note that on platforms where systemd is " "supported there's no need to add the \"sudo\" provider to the list of " "services, as it became optional. However, sssd-sudo.socket must be enabled " "instead. </phrase>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:118 msgid "" "When SSSD is configured to use IPA as the ID provider, the sudo provider is " "automatically enabled. The sudo search base is configured to use the IPA " "native LDAP tree (cn=sudo,$SUFFIX). If any other search base is defined in " "sssd.conf, this value will be used instead. The compat tree (ou=sudoers," "$SUFFIX) is no longer required for IPA sudo functionality." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-sudo.5.xml:128 msgid "The SUDO rule caching mechanism" msgstr "Le mécanisme de mise en cache de règles SUDO" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:130 msgid "" "The biggest challenge, when developing sudo support in SSSD, was to ensure " "that running sudo with SSSD as the data source provides the same user " "experience and is as fast as sudo but keeps providing the most current set " "of rules as possible. To satisfy these requirements, SSSD uses three kinds " "of updates. They are referred to as full refresh, smart refresh and rules " "refresh." msgstr "" "Le plus grand défi lors du développement de la prise en charge de sudo dans " "SSSD était de de s'assurer que l'utilisation d'un sudo exploitant SSSD comme " "source de données fournissait la même expérience utilisateur et était aussi " "rapide que sudo, tout en conservant le jeu de règles le plus à jour " "possible. Pour satisfaire ces exigences, SSSD utilise trois types de mises à " "jour. Elles sont appelées actualisation complète, rafraîchissement " "intelligent et rafraîchissement des règles." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:138 msgid "" "The <emphasis>smart refresh</emphasis> periodically downloads rules that are " "new or were modified after the last update. Its primary goal is to keep the " "database growing by fetching only small increments that do not generate " "large amounts of network traffic." msgstr "" "Le <emphasis>rafraîchissement intelligent</emphasis> télécharge " "périodiquement les règles qui sont nouvelles ou qui ont été modifiées après " "la dernière mise à jour. Son but premier est d'éviter à la base de données " "de grossir en allant chercher de petits incréments qui ne génèrent pas de " "gros de trafic réseau." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:144 msgid "" "The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored " "in the cache and replaces them with all rules that are stored on the server. " "This is used to keep the cache consistent by removing every rule which was " "deleted from the server. However, full refresh may produce a lot of traffic " "and thus it should be run only occasionally depending on the size and " "stability of the sudo rules." msgstr "" "Le <emphasis>rafracîchissement complèt</emphasis> supprime simplement toutes " "les règles sudo stockées dans le cache et les remplace par toutes les règles " "qui sont stockées sur le serveur. Ceci est utilisé pour assurer la cohérence " "de cache en supprimant toutes les règles qui ont été supprimées du serveur. " "Cependant, un rafraîchissement complet peut produire beaucoup de trafic et " "doit n'être exécuté qu'occasionnellement selon la taille et de la stabilité " "des règles sudo." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:152 msgid "" "The <emphasis>rules refresh</emphasis> ensures that we do not grant the user " "more permission than defined. It is triggered each time the user runs sudo. " "Rules refresh will find all rules that apply to this user, check their " "expiration time and redownload them if expired. In the case that any of " "these rules are missing on the server, the SSSD will do an out of band full " "refresh because more rules (that apply to other users) may have been deleted." msgstr "" "Le <emphasis>rafraîchissement des règles</emphasis> fait en sorte de ne pas " "accorder à l'utilisateur plus d'autorisations que défini. Il est déclenché " "chaque fois que l'utilisateur exécute sudo. L'actualisation des règles " "trouvera toutes les règles qui s'appliquent à cet utilisateur, vérifie leur " "date d'expiration et les retéléchargera si elles ont expiré. Dans le cas où " "l'une de ces règles est manquante sur le serveur, SSSD programmera en " "parallèle un rafraîchissement complet hors ligne car d'autres règles " "(s'appliquant à d'autres utilisateurs) peuvent avoir été supprimées." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:161 msgid "" "If enabled, SSSD will store only rules that can be applied to this machine. " "This means rules that contain one of the following values in " "<emphasis>sudoHost</emphasis> attribute:" msgstr "" "Si activé, SSSD stocke uniquement les règles qui peuvent être appliquées à " "cette machine. En d'autres termes, ce sont les règles qui contiennent une " "des valeurs suivantes dans l'attribut de <emphasis>sudoHost</emphasis> :" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:168 msgid "keyword ALL" msgstr "mot-clé ALL" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:173 msgid "wildcard" msgstr "joker" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:178 msgid "netgroup (in the form \"+netgroup\")" msgstr "netgroup (sous la forme « +netgroup »)" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:183 msgid "hostname or fully qualified domain name of this machine" msgstr "" "nom de système ou le nom de domaine pleinement qualifié de cette machine" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:188 msgid "one of the IP addresses of this machine" msgstr "une des adresses IP de cette machine" #. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> #: sssd-sudo.5.xml:193 msgid "one of the IP addresses of the network (in the form \"address/mask\")" msgstr "une des adresses IP du réseau (sous la forme « adresse/masque »)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:199 msgid "" "There are many configuration options that can be used to adjust the " "behavior. Please refer to \"ldap_sudo_*\" in <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" "Il existe de nombreuses options de configuration qui peuvent être utilisées " "pour ajuster le comportement. Consulter « ldap_sudo_ * » dans " "<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> et « sudo_ * » dans " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.8.xml:10 sssd.8.xml:15 msgid "sssd" msgstr "sssd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd.8.xml:16 msgid "System Security Services Daemon" msgstr "System Security Services Daemon" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sssd.8.xml:21 msgid "" "<command>sssd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" msgstr "" "<command>sssd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:31 msgid "" "<command>SSSD</command> provides a set of daemons to manage access to remote " "directories and authentication mechanisms. It provides an NSS and PAM " "interface toward the system and a pluggable backend system to connect to " "multiple different account sources as well as D-Bus interface. It is also " "the basis to provide client auditing and policy services for projects like " "FreeIPA. It provides a more robust database to store local users as well as " "extended user data." msgstr "" "<command>SSSD</command> fournit un jeu de démons pour gérer l'accès à des " "dossiers distants et les mécanismes d'authentification. Il fournit une " "interface NSS et PAM au travers du système et un moteur système extensible " "par greffons pour se connecter à de multiples comptes de sources différentes " "en plus d'une interface D-Bus. C'est aussi un moyen de fournir un moyen " "d'audit client et une politique de services pour les projets tels que " "FreeIPA. Il fournit une base de donnée plus robuste pour stocker les " "utilisateurs locaux ainsi que les données étendues des utilisateurs." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:46 msgid "" "<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" "replaceable>" msgstr "" "<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:53 msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:57 msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" msgstr "" "<emphasis>1</emphasis> : Ajouter un horodatage aux messages de débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:60 msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" msgstr "" "<emphasis>0</emphasis> : Désactiver l'horodatage dans les messages de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:69 msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" msgstr "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:73 msgid "" "<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" msgstr "" "<emphasis>1</emphasis> : Ajouter les microsecondes à l'horodatage dans les " "messages de débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:76 msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" msgstr "" "<emphasis>0</emphasis> : Désactiver les microsecondes dans l'horodatage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:85 msgid "<option>-f</option>,<option>--debug-to-files</option>" msgstr "<option>-f</option>,<option>--debug-to-files</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:89 msgid "" "Send the debug output to files instead of stderr. By default, the log files " "are stored in <filename>/var/log/sssd</filename> and there are separate log " "files for every SSSD service and domain." msgstr "" "Envoie la sortie de débogage vers des fichiers plutôt que vers la sortie " "d'erreur standard. Par défaut, les fichiers de sortie sont stockés dans " "<filename>/var/log/sssd</filename> et des fichiers différents sont créés " "pour chaque service et domaine SSSD." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:97 msgid "<option>-D</option>,<option>--daemon</option>" msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:101 msgid "Become a daemon after starting up." msgstr "Devenir un démon après le démarrage." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:107 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:111 msgid "Run in the foreground, don't become a daemon." msgstr "Tourner en avant-plan et ne pas devenir un démon." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:117 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:121 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " "consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" "Définit un fichier de configuration autre que celui par défaut (<filename>/" "etc/sssd/sssd.conf</filename>). Pour obtenir des informations sur la syntaxe " "et les options du fichier de configuration, consulter les pages de manuel de " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:135 msgid "<option>--version</option>" msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:139 msgid "Print version number and exit." msgstr "Afficher le numéro de version et quitter." #. type: Content of: <reference><refentry><refsect1><title> #: sssd.8.xml:147 msgid "Signals" msgstr "Signaux" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:150 msgid "SIGTERM/SIGINT" msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:153 msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" "Indique à SSSD de fermer normalement tous ses processus fils puis d'arrêter " "le moniteur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:159 msgid "SIGHUP" msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:162 msgid "" "Tells the SSSD to stop writing to its current debug file descriptors and to " "close and reopen them. This is meant to facilitate log rolling with programs " "like logrotate." msgstr "" "Précise à SSSD de ne plus écrire vers son fichier de débogage actuel, de le " "fermer et de le rouvrir. Cela permet de faciliter les rotations de fichiers " "de sortie avec des programmes tels que logrotate." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:170 msgid "SIGUSR1" msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 msgid "" "Tells the SSSD to simulate offline operation for the duration of the " "<quote>offline_timeout</quote> parameter. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " "directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:182 msgid "SIGUSR2" msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:185 msgid "" "Tells the SSSD to go online immediately. This is useful for testing. The " "signal can be sent to either the sssd process or any sssd_be process " "directly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:197 msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in memory cache." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 msgid "sss_obfuscate" msgstr "sss_obfuscate" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_obfuscate.8.xml:16 msgid "obfuscate a clear text password" msgstr "obscurcir un mot de passe en clair" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_obfuscate.8.xml:21 msgid "" "<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" "replaceable></arg>" msgstr "" "<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" "replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:32 msgid "" "<command>sss_obfuscate</command> converts a given password into human-" "unreadable format and places it into appropriate domain section of the SSSD " "config file." msgstr "" "<command>sss_obfuscate</command> convertit un mot de passe donné en un " "format illisible par un humain et le place dans la section de domaine " "appropriée du fichier de configuration SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:37 msgid "" "The cleartext password is read from standard input or entered " "interactively. The obfuscated password is put into " "<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " "<quote>ldap_default_authtok_type</quote> parameter is set to " "<quote>obfuscated_password</quote>. Refer to <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more details on these parameters." msgstr "" "Le mot de passe en clair est lu dans l'entrée standard ou entré " "interactivement. Les mots de passes chiffrés sont mis dans " "<quote>ldap_default_authtok</quote> pour un domaine SSSD donné et le " "paramètre <quote>ldap_default_authtok_type</quote> est défini à " "<quote>obfuscated_password</quote>. Cf. <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails sur ces paramètres." #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:49 msgid "" "Please note that obfuscating the password provides <emphasis>no real " "security benefit</emphasis> as it is still possible for an attacker to " "reverse-engineer the password back. Using better authentication mechanisms " "such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " "advised." msgstr "" "Veuillez noter que les mots de passe chiffrés ne fournissent <emphasis>aucun " "réel bénéfice de sécurité</emphasis> étant donné qu'il est possible de " "retrouver le mot de passe par ingénierie-inverse. Utiliser un meilleur " "mécanisme d'authentification tel que les certificats côté client ou GSSAPI " "est <emphasis>très</emphasis> conseillé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:63 msgid "<option>-s</option>,<option>--stdin</option>" msgstr "<option>-s</option>,<option>--stdin</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:67 msgid "The password to obfuscate will be read from standard input." msgstr "Le mot de passe chiffré sera lu sur l'entrée standard." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:70 #: sss_ssh_knownhostsproxy.1.xml:78 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" msgstr "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAINE</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:79 msgid "" "The SSSD domain to use the password in. The default name is <quote>default</" "quote>." msgstr "" "Le domaine SSSD auquel est lié le mot de passe. Le nom par défaut est " "<quote>default</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:86 msgid "" "<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" msgstr "" "<option>-f</option>,<option>--file</option> <replaceable>FICHIER</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:91 msgid "Read the config file specified by the positional parameter." msgstr "Lit le fichier de configuration spécifié par le paramètre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:95 msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" msgstr "Par défaut : <filename>/etc/sssd/sssd.conf</filename>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_override.8.xml:10 sss_override.8.xml:15 msgid "sss_override" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_override.8.xml:16 msgid "create local overrides of user and group attributes" msgstr "" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_override.8.xml:21 msgid "" "<command>sss_override</command> <arg choice='plain'><replaceable>COMMAND</" "replaceable></arg> <arg choice='opt'> <replaceable>options</replaceable> </" "arg>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_override.8.xml:32 msgid "" "<command>sss_override</command> enables to create a client-side view and " "allows to change selected values of specific user and groups. This change " "takes effect only on local machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_override.8.xml:37 msgid "" "Overrides data are stored in the SSSD cache. If the cache is deleted, all " "local overrides are lost. Please note that after the first override is " "created using any of the following <emphasis>user-add</emphasis>, " "<emphasis>group-add</emphasis>, <emphasis>user-import</emphasis> or " "<emphasis>group-import</emphasis> command. SSSD needs to be restarted to " "take effect. <emphasis>sss_override</emphasis> prints message when a " "restart is required." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_override.8.xml:50 sssctl.8.xml:41 msgid "AVAILABLE COMMANDS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_override.8.xml:52 msgid "" "Argument <emphasis>NAME</emphasis> is the name of original object in all " "commands. It is not possible to override <emphasis>uid</emphasis> or " "<emphasis>gid</emphasis> to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:59 msgid "" "<option>user-add</option> <emphasis>NAME</emphasis> <optional><option>-n,--" "name</option> NAME</optional> <optional><option>-u,--uid</option> UID</" "optional> <optional><option>-g,--gid</option> GID</optional> " "<optional><option>-h,--home</option> HOME</optional> <optional><option>-s,--" "shell</option> SHELL</optional> <optional><option>-c,--gecos</option> GECOS</" "optional> <optional><option>-x,--certificate</option> BASE64 ENCODED " "CERTIFICATE</optional>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:72 msgid "" "Override attributes of an user. Please be aware that calling this command " "will replace any previous override for the (NAMEd) user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:80 msgid "<option>user-del</option> <emphasis>NAME</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:85 msgid "" "Remove user overrides. However be aware that overridden attributes might be " "returned from memory cache. Please see SSSD option " "<emphasis>memcache_timeout</emphasis> for more details." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:94 msgid "" "<option>user-find</option> <optional><option>-d,--domain</option> DOMAIN</" "optional>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:99 msgid "" "List all users with set overrides. If <emphasis>DOMAIN</emphasis> parameter " "is set, only users from the domain are listed." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:107 msgid "<option>user-show</option> <emphasis>NAME</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:112 msgid "Show user overrides." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:118 msgid "<option>user-import</option> <emphasis>FILE</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:123 msgid "" "Import user overrides from <emphasis>FILE</emphasis>. Data format is " "similar to standard passwd file. The format is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:128 msgid "original_name:name:uid:gid:gecos:home:shell:base64_encoded_certificate" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:131 msgid "" "where original_name is original name of the user whose attributes should be " "overridden. The rest of fields correspond to new values. You can omit a " "value simply by leaving corresponding field empty." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:140 msgid "ckent:superman::::::" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:143 msgid "ckent@krypton.com::501:501:Superman:/home/earth:/bin/bash:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:149 msgid "<option>user-export</option> <emphasis>FILE</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:154 msgid "" "Export all overridden attributes and store them in <emphasis>FILE</" "emphasis>. See <emphasis>user-import</emphasis> for data format." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:162 msgid "" "<option>group-add</option> <emphasis>NAME</emphasis> <optional><option>-n,--" "name</option> NAME</optional> <optional><option>-g,--gid</option> GID</" "optional>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:169 msgid "" "Override attributes of a group. Please be aware that calling this command " "will replace any previous override for the (NAMEd) group." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:177 msgid "<option>group-del</option> <emphasis>NAME</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:182 msgid "" "Remove group overrides. However be aware that overridden attributes might be " "returned from memory cache. Please see SSSD option " "<emphasis>memcache_timeout</emphasis> for more details." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:191 msgid "" "<option>group-find</option> <optional><option>-d,--domain</option> DOMAIN</" "optional>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:196 msgid "" "List all groups with set overrides. If <emphasis>DOMAIN</emphasis> " "parameter is set, only groups from the domain are listed." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:204 msgid "<option>group-show</option> <emphasis>NAME</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:209 msgid "Show group overrides." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:215 msgid "<option>group-import</option> <emphasis>FILE</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:220 msgid "" "Import group overrides from <emphasis>FILE</emphasis>. Data format is " "similar to standard group file. The format is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:225 msgid "original_name:name:gid" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:228 msgid "" "where original_name is original name of the group whose attributes should be " "overridden. The rest of fields correspond to new values. You can omit a " "value simply by leaving corresponding field empty." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:237 msgid "admins:administrators:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:240 msgid "Domain Users:Users:501" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:246 msgid "<option>group-export</option> <emphasis>FILE</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_override.8.xml:251 msgid "" "Export all overridden attributes and store them in <emphasis>FILE</" "emphasis>. See <emphasis>group-import</emphasis> for data format." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_override.8.xml:261 sssctl.8.xml:50 msgid "COMMON OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_override.8.xml:263 sssctl.8.xml:52 msgid "Those options are available with all commands." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_override.8.xml:268 sssctl.8.xml:57 msgid "<option>--debug</option> <replaceable>LEVEL</replaceable>" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_useradd.8.xml:10 sss_useradd.8.xml:15 msgid "sss_useradd" msgstr "sss_useradd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_useradd.8.xml:16 msgid "create a new user" msgstr "créer un utilisateur" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_useradd.8.xml:21 msgid "" "<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" "<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>UTILISATEUR</" "replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_useradd.8.xml:32 msgid "" "<command>sss_useradd</command> creates a new user account using the values " "specified on the command line plus the default values from the system." msgstr "" "<command>sss_useradd</command> crée un nouveau compte utilisateur en " "utilisant les valeurs spécifiées en ligne de commande auquelles sont " "ajoutées les valeurs par défaut du système." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:43 sss_seed.8.xml:76 msgid "" "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" msgstr "" "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:48 msgid "" "Set the UID of the user to the value of <replaceable>UID</replaceable>. If " "not given, it is chosen automatically." msgstr "" "Définit l'UID de l'utilisateur à la valeur <replaceable>UID</replaceable>. " "Si non précisé, il est choisit automatiquement." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100 msgid "" "<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" "replaceable>" msgstr "" "<option>-c</option>,<option>--gecos</option> <replaceable>COMMENTAIRE</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:60 sss_usermod.8.xml:48 sss_seed.8.xml:105 msgid "" "Any text string describing the user. Often used as the field for the user's " "full name." msgstr "" "Toute chaîne de caractère décrivant l'utilisateur. Souvent utilisé comme " "champ pour le nom entier de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112 msgid "" "<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" "replaceable>" msgstr "" "<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:72 msgid "" "The home directory of the user account. The default is to append the " "<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " "that as the home directory. The base that is prepended before " "<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" "baseDirectory</quote> setting in sssd.conf." msgstr "" "Le répertoire personnel du compte utilisateur. Par défaut, on ajoute " "<replaceable>LOGIN</replaceable> à <filename>/home</filename> et on utilise " "cela comme dossier personnel. La base précédent <replaceable>LOGIN</" "replaceable> est modifiable avec le paramètre <quote>user_defaults/" "baseDirectory</quote> de sssd.conf." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124 msgid "" "<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" msgstr "" "<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:87 msgid "" "The user's login shell. The default is currently <filename>/bin/bash</" "filename>. The default can be changed with <quote>user_defaults/" "defaultShell</quote> setting in sssd.conf." msgstr "" "L'interpréteur de commande de l'utilisateur. La valeur par défaut actuelle, " "<filename>/bin/bash</filename>, peut être modifiée avec le paramètre " "<quote>user_defaults/defaultShell</quote> dans sssd.conf." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:96 msgid "" "<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" "replaceable>" msgstr "" "<option>-G</option>,<option>--groups</option> <replaceable>GROUPES</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:101 msgid "A list of existing groups this user is also a member of." msgstr "Une liste de groupes existants dont l'utilisateur est aussi membre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:107 msgid "<option>-m</option>,<option>--create-home</option>" msgstr "<option>-m</option>,<option>--create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:111 msgid "" "Create the user's home directory if it does not exist. The files and " "directories contained in the skeleton directory (which can be defined with " "the -k option or in the config file) will be copied to the home directory." msgstr "" "Crée le répertoire personnel de l'utilisateur s'il n'existe pas. Les " "fichiers et répertoires inclus dans le répertoire squelette (pouvant être " "définis avec l'option -k ou dans le fichier de configuration) sont copiés " "dans le dossier personnel." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:121 msgid "<option>-M</option>,<option>--no-create-home</option>" msgstr "<option>-M</option>,<option>--no-create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:125 msgid "" "Do not create the user's home directory. Overrides configuration settings." msgstr "" "Ne pas créer de dossier personnel pour l'utilisateur. Écrase les paramètres " "de configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:132 msgid "" "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" "replaceable>" msgstr "" "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:137 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " "<command>sss_useradd</command>." msgstr "" "Le répertoire squelette, contenant les fichiers et répertoires à copier dans " "le répertoire personnel de l'utilisateur, quand le répertoire personnel est " "créé par <command>sss_useradd</command>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:143 msgid "" "Special files (block devices, character devices, named pipes and unix " "sockets) will not be copied." msgstr "" "Les fichiers spéciaux (périphériques blocs, caractères, tubes nommés et " "sockets unix) ne seront pas copiés." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:147 msgid "" "This option is only valid if the <option>-m</option> (or <option>--create-" "home</option>) option is specified, or creation of home directories is set " "to TRUE in the configuration." msgstr "" "L'option n'est valide que si l'option <option>-m</option> (ou <option>--" "create-home</option>) est utilisée ou si la création de répertoires " "personnels est à TRUE dans la configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:156 sss_usermod.8.xml:124 msgid "" "<option>-Z</option>,<option>--selinux-user</option> " "<replaceable>SELINUX_USER</replaceable>" msgstr "" "<option>-Z</option>,<option>--selinux-user</option> " "<replaceable>UTILISATEUR_SELINUX</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:161 msgid "" "The SELinux user for the user's login. If not specified, the system default " "will be used." msgstr "" "L'utilisateur SELinux pour la connexion utilisateur. Si non spécifié, la " "valeur par défaut du système est utilisée." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 msgid "sssd-krb5" msgstr "sssd-krb5" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-krb5.5.xml:17 msgid "SSSD Kerberos provider" msgstr "Fournisseur Kerberos SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:23 msgid "" "This manual page describes the configuration of the Kerberos 5 " "authentication backend for <citerefentry> <refentrytitle>sssd</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " "syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " "the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du moteur d'authentification de " "Kerberos 5 pour <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>. Pour une référence détaillée sur " "la syntaex, veuillez vous référer à la section <quote>FORMAT DE FICHIER</" "quote> du manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:36 msgid "" "The Kerberos 5 authentication backend contains auth and chpass providers. It " "must be paired with an identity provider in order to function properly (for " "example, id_provider = ldap). Some information required by the Kerberos 5 " "authentication backend must be provided by the identity provider, such as " "the user's Kerberos Principal Name (UPN). The configuration of the identity " "provider should have an entry to specify the UPN. Please refer to the man " "page for the applicable identity provider for details on how to configure " "this." msgstr "" "Le moteur d'authentification Kerberos 5 contient les fournisseurs " "d'authentification et de changement de mot de passe. Il doit être couplé " "avec un fournisseur d'identité de manière à fonctionner proprement (par " "exemple, id_provider = ldap). Plusieurs informations requises par le moteur " "d'authentification Kerberos 5 doivent être fournies par le fournisseur " "d'identité, telles que le nom du principal de l'utilisateur Kerberos (UPN). " "La configuration du fournisseur d'identité doit avoir une entrée pour " "spécifier l'UPN. Veuillez vous référer aux pages du manuel du fournisseur " "d'identité ad-hoc pour pouvoir le configurer." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " "home directory of the user. See <citerefentry> <refentrytitle>.k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " "configuration." msgstr "" "Ce moteur fournit aussi un contrôle d'accès sur le fichier .k5login dans le " "répertoire personnel de l'utilisateur. Voir <citerefentry> <refentrytitle>." "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails. Veuillez noter qu'un fichier .k5login vide interdira tout accès " "pour cet utilisateur. Pour activer cette option, utilisez « access_provider " "= krb5 » dans votre configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:55 msgid "" "In the case where the UPN is not available in the identity backend, " "<command>sssd</command> will construct a UPN using the format " "<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." msgstr "" "Dans le cas où l'UPN n'est pas valide dans le moteur d'identité, " "<command>sssd</command> construira un UPN en utilisant le format " "<replaceable>utilisateur</replaceable>@<replaceable>krb5_realm</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:77 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect, in the order of preference. " "For more information on failover and server redundancy, see the " "<quote>FAILOVER</quote> section. An optional port number (preceded by a " "colon) may be appended to the addresses or hostnames. If empty, service " "discovery is enabled; for more information, refer to the <quote>SERVICE " "DISCOVERY</quote> section." msgstr "" "Spécifie la liste séparée par des virgules des adresses IP ou des noms de " "systèmes des serveurs Kerberos auquel SSSD doit se connecter, par ordre de " "préférence. Pour plus d'informations sur la redondance par bascule et le " "serveur, consultez la section de <quote>BASCULE</quote>. Un numéro de port " "facultatif (précédé de deux-points) peut être ajouté aux adresses ou aux " "noms de systèmes. Si vide, le service de découverte est activé - pour plus " "d'informations, se reporter à la section <quote>DÉCOUVERTE DE SERVICE</" "quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:106 msgid "" "The name of the Kerberos realm. This option is required and must be " "specified." msgstr "" "Le nom du domaine Kerberos. Cette option est nécessaire et doit être " "renseignée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:113 msgid "krb5_kpasswd, krb5_backup_kpasswd (string)" msgstr "krb5_kpasswd, krb5_backup_kpasswd (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:116 msgid "" "If the change password service is not running on the KDC, alternative " "servers can be defined here. An optional port number (preceded by a colon) " "may be appended to the addresses or hostnames." msgstr "" "Si le service de changement de mot de passe ne fonctionne pas sur le KDC, " "des serveurs de secours peuvent être définis ici. Un numéro de port " "facultatif (précédé par un signe deux-points) peut-être être suffixé aux " "adresses ou aux noms de systèmes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:122 msgid "" "For more information on failover and server redundancy, see the " "<quote>FAILOVER</quote> section. NOTE: Even if there are no more kpasswd " "servers to try, the backend is not switched to operate offline if " "authentication against the KDC is still possible." msgstr "" "Pour plus d'information sur la bascule et la redondance de serveurs, voir la " "section <quote>BASCULE</quote>. Noter que même si il n'y a plus de serveurs " "kpasswd à essayer, le moteur ne passe pas en mode hors-ligne si " "l'authentification KDC est toujours possible." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:129 msgid "Default: Use the KDC" msgstr "Par défaut : utiliser le KDC" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:135 msgid "krb5_ccachedir (string)" msgstr "krb5_ccachedir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:138 msgid "" "Directory to store credential caches. All the substitution sequences of " "krb5_ccname_template can be used here, too, except %d and %P. The directory " "is created as private and owned by the user, with permissions set to 0700." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:145 msgid "Default: /tmp" msgstr "Par défaut : /tmp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:151 msgid "krb5_ccname_template (string)" msgstr "krb5_ccname_template (chaîne)" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:165 include/override_homedir.xml:11 msgid "%u" msgstr "%u" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:166 include/override_homedir.xml:12 msgid "login name" msgstr "identifiant de connexion" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:169 include/override_homedir.xml:15 msgid "%U" msgstr "%U" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:170 msgid "login UID" msgstr "UID de l'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:173 msgid "%p" msgstr "%p" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:174 msgid "principal name" msgstr "nom du principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:178 msgid "%r" msgstr "%r" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:179 msgid "realm name" msgstr "nom de domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:182 msgid "%h" msgstr "%h" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:183 sssd-ifp.5.xml:108 msgid "home directory" msgstr "répertoire personnel" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:187 include/override_homedir.xml:19 msgid "%d" msgstr "%d" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:188 msgid "value of krb5_ccachedir" msgstr "valeur de krb5_ccachedir" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:193 include/override_homedir.xml:31 msgid "%P" msgstr "%P" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:194 msgid "the process ID of the SSSD client" msgstr "l'ID de processus du client SSSD" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:199 include/override_homedir.xml:49 msgid "%%" msgstr "%%" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:200 include/override_homedir.xml:50 msgid "a literal '%'" msgstr "un « % » littéral" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:154 msgid "" "Location of the user's credential cache. Three credential cache types are " "currently supported: <quote>FILE</quote>, <quote>DIR</quote> and " "<quote>KEYRING:persistent</quote>. The cache can be specified either as " "<replaceable>TYPE:RESIDUAL</replaceable>, or as an absolute path, which " "implies the <quote>FILE</quote> type. In the template, the following " "sequences are substituted: <placeholder type=\"variablelist\" id=\"0\"/> If " "the template ends with 'XXXXXX' mkstemp(3) is used to create a unique " "filename in a safe way." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:208 msgid "" "When using KEYRING types, the only supported mechanism is <quote>KEYRING:" "persistent:%U</quote>, which uses the Linux kernel keyring to store " "credentials on a per-UID basis. This is also the recommended choice, as it " "is the most secure and predictable method." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:216 msgid "" "The default value for the credential cache name is sourced from the profile " "stored in the system wide krb5.conf configuration file in the [libdefaults] " "section. The option name is default_ccache_name. See krb5.conf(5)'s " "PARAMETER EXPANSION paragraph for additional information on the expansion " "format defined by krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:225 msgid "" "NOTE: Please be aware that libkrb5 ccache expansion template from " "<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> uses different expansion sequences than SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:234 msgid "Default: (from libkrb5)" msgstr "Par défaut : (valeur provenant de libkrb5)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:240 msgid "krb5_auth_timeout (integer)" msgstr "krb5_auth_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:243 msgid "" "Timeout in seconds after an online authentication request or change password " "request is aborted. If possible, the authentication request is continued " "offline." msgstr "" "Délai d'attente, en secondes, après l'annulation d'une requête " "d'authentification en ligne ou de changement de mot de passe. La requête " "d'authentification sera effectuée hors-ligne si cela est possible." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:254 msgid "krb5_validate (boolean)" msgstr "krb5_validate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:257 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed. The keytab is checked for entries sequentially, and the first entry " "with a matching realm is used for validation. If no entry matches the realm, " "the last entry in the keytab is used. This process can be used to validate " "environments using cross-realm trust by placing the appropriate keytab entry " "as the last entry or the only entry in the keytab file." msgstr "" "Vérifie à l'aide de krb5_keytab que le TGT obtenu n'a pas été usurpé. Les " "entrées d'un fichier keytab sont vérifiées dans l'ordre, et la première " "entrée avec un domaine correspondant est utilisée pour la validation. Si " "aucune entrée ne correspond au domaine, la dernière entrée dans le fichier " "keytab est utilisée. Ce processus peut être utilisé pour valider des " "environnements utilisant l'approbation entre domaines en plaçant l'entrée " "keytab appropriée comme dernière ou comme seule entrée dans le fichier " "keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:272 msgid "krb5_keytab (string)" msgstr "krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:275 msgid "" "The location of the keytab to use when validating credentials obtained from " "KDCs." msgstr "" "L'emplacement du fichier keytab à utiliser pour valider les données " "d'identification obtenues à partir de KDC." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:279 msgid "Default: /etc/krb5.keytab" msgstr "Par défaut : /etc/krb5.keytab" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:285 msgid "krb5_store_password_if_offline (boolean)" msgstr "krb5_store_password_if_offline (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:288 msgid "" "Store the password of the user if the provider is offline and use it to " "request a TGT when the provider comes online again." msgstr "" "Stocke le mot de passe de l'utilisateur si le fournisseur est hors-ligne, " "puis l'utilise pour obtenir un TGT lorsque le fournisseur redevient " "disponible en ligne." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:293 msgid "" "NOTE: this feature is only available on Linux. Passwords stored in this way " "are kept in plaintext in the kernel keyring and are potentially accessible " "by the root user (with difficulty)." msgstr "" "NOTE : cette fonctionnalité n'est actuellement disponible que sur les plates-" "formes Linux. Les mots de passe stockés de cette manière sont conservés en " "texte brut dans le trousseau de clés du noyau et sont potentiellement " "accessibles à l'utilisateur root (avec difficulté)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:306 msgid "krb5_renewable_lifetime (string)" msgstr "krb5_renewable_lifetime (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:309 msgid "" "Request a renewable ticket with a total lifetime, given as an integer " "immediately followed by a time unit:" msgstr "" "Demande un ticket renouvelable avec une durée de vie totale, donnée par un " "entier immédiatement suivi par une unité de temps :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:314 sssd-krb5.5.xml:348 sssd-krb5.5.xml:385 msgid "<emphasis>s</emphasis> for seconds" msgstr "<emphasis>s</emphasis> pour secondes" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:317 sssd-krb5.5.xml:351 sssd-krb5.5.xml:388 msgid "<emphasis>m</emphasis> for minutes" msgstr "<emphasis>m</emphasis> pour minutes" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:320 sssd-krb5.5.xml:354 sssd-krb5.5.xml:391 msgid "<emphasis>h</emphasis> for hours" msgstr "<emphasis>h</emphasis> pour heures" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:323 sssd-krb5.5.xml:357 sssd-krb5.5.xml:394 msgid "<emphasis>d</emphasis> for days." msgstr "<emphasis>d</emphasis> pour jours." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:326 sssd-krb5.5.xml:397 msgid "If there is no unit given, <emphasis>s</emphasis> is assumed." msgstr "Si aucune unité n'est spécifiée, <emphasis>s</emphasis> est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:401 msgid "" "NOTE: It is not possible to mix units. To set the renewable lifetime to one " "and a half hours, use '90m' instead of '1h30m'." msgstr "" "NOTE : il n'est pas possible de mélanger les unités. Pour indiquer une durée " "de vie renouvelable de une heure et trente minutes, utiliser « 90m » au lieu " "de « 1h30m »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:335 msgid "Default: not set, i.e. the TGT is not renewable" msgstr "" "Par défaut : non défini, c'est-à-dire que le TGT n'est pas renouvelable" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:341 msgid "krb5_lifetime (string)" msgstr "krb5_lifetime (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:344 msgid "" "Request ticket with a lifetime, given as an integer immediately followed by " "a time unit:" msgstr "" "Demande un ticket avec une durée de vie, donnée par un entier immédiatement " "suivi par une unité de temps :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:360 msgid "If there is no unit given <emphasis>s</emphasis> is assumed." msgstr "Si aucune unité n'est spécifiée, <emphasis>s</emphasis> est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:364 msgid "" "NOTE: It is not possible to mix units. To set the lifetime to one and a " "half hours please use '90m' instead of '1h30m'." msgstr "" "NOTE : il n'est pas possible de mélanger les unités. Pour indiquer une durée " "de vie de une heure et trente minutes, utiliser « 90m » au lieu de « 1h30m »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:369 msgid "" "Default: not set, i.e. the default ticket lifetime configured on the KDC." msgstr "" "Par défaut : non défini, c'est-à-dire la durée de vie par défaut configurée " "dans le KDC." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:376 msgid "krb5_renew_interval (string)" msgstr "krb5_renew_interval (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:379 msgid "" "The time in seconds between two checks if the TGT should be renewed. TGTs " "are renewed if about half of their lifetime is exceeded, given as an integer " "immediately followed by a time unit:" msgstr "" "La durée, en secondes, entre deux vérifications pour savoir si le TGT doit " "être renouvelé. Les TGT sont renouvelés si environ la moitié de leur durée " "de vie est dépassée. Indiquée par un entier immédiatement suivi d'une unité " "de temps :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:406 msgid "If this option is not set or is 0 the automatic renewal is disabled." msgstr "" "Si cette option n'est pas définie ou définie à 0, le renouvellement " "automatique est désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:416 msgid "krb5_use_fast (string)" msgstr "krb5_use_fast (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:419 msgid "" "Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" "authentication. The following options are supported:" msgstr "" "Active le flexible authentication secure tunneling (FAST) pour la pré-" "authentification Kerberos. Les options suivantes sont supportées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:424 msgid "" "<emphasis>never</emphasis> use FAST. This is equivalent to not setting this " "option at all." msgstr "" "<emphasis>never</emphasis> : ne jamais utiliser FAST. Ceci équivaut à ne pas " "définir cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:428 msgid "" "<emphasis>try</emphasis> to use FAST. If the server does not support FAST, " "continue the authentication without it." msgstr "" "<emphasis>try</emphasis> : eassyer d'utiliser FAST. Si le serveur ne prend " "pas en charge FAST, continuer l'authentification sans." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:433 msgid "" "<emphasis>demand</emphasis> to use FAST. The authentication fails if the " "server does not require fast." msgstr "" "<emphasis>demander</emphasis> : imposer d'utiliser FAST. L'authentification " "échoue si le serveur ne requiert pas FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:438 msgid "Default: not set, i.e. FAST is not used." msgstr "Par défaut : non défini, i.e. FAST n'est pas utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:441 msgid "NOTE: a keytab is required to use FAST." msgstr "NOTE : un fichier keytab est requis pour utiliser FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:444 msgid "" "NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If " "SSSD is used with an older version of MIT Kerberos, using this option is a " "configuration error." msgstr "" "NOTE : SSSD prend en charge le paramètre FAST uniquement avec MIT Kerberos " "version 1.8 et au-delà. L'utilisation de SSSD avec une version antérieure de " "MIT Kerberos avec cette option est une erreur de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:453 msgid "krb5_fast_principal (string)" msgstr "krb5_fast_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:456 msgid "Specifies the server principal to use for FAST." msgstr "Spécifie le principal de serveur afin d'utiliser FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:465 msgid "" "Specifies if the host and user principal should be canonicalized. This " "feature is available with MIT Kerberos 1.7 and later versions." msgstr "" "Spécifie si les principaux du système et de l'utilisateur doivent être " "rendus canoniques. Cette fonctionnalité est disponible avec MIT Kerberos 1.7 " "et versions suivantes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:505 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:508 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" "Indique si le principal de l'utilisateur doit être traité comme un principal " "d'entreprise. Cf. la section 5 de la RFC 6806 pour plus de détails sur les " "principals d'entreprise." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:514 msgid "Default: false (AD provider: true)" msgstr "Par défaut : false (AD provider : true)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:517 msgid "" "The IPA provider will set to option to 'true' if it detects that the server " "is capable of handling enterprise principals and the option is not set " "explicitly in the config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:526 msgid "krb5_map_user (string)" msgstr "krb5_map_user (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:529 msgid "" "The list of mappings is given as a comma-separated list of pairs " "<quote>username:primary</quote> where <quote>username</quote> is a UNIX user " "name and <quote>primary</quote> is a user part of a kerberos principal. This " "mapping is used when user is authenticating using <quote>auth_provider = " "krb5</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-krb5.5.xml:541 #, no-wrap msgid "" "krb5_realm = REALM\n" "krb5_map_user = joe:juser,dick:richard\n" msgstr "" "krb5_realm = REALM\n" "krb5_map_user = joe:juser,dick:richard\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:546 msgid "" "<quote>joe</quote> and <quote>dick</quote> are UNIX user names and " "<quote>juser</quote> and <quote>richard</quote> are primaries of kerberos " "principals. For user <quote>joe</quote> resp. <quote>dick</quote> SSSD will " "try to kinit as <quote>juser@REALM</quote> resp. <quote>richard@REALM</" "quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" "If the auth-module krb5 is used in an SSSD domain, the following options " "must be used. See the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, section " "<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD " "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Si le module auth krb5 est utilisé dans un domaine SSSD, les options " "suivantes doivent être utilisées. Cf. la page de manuel " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>, section <quote>SECTIONS DOMAINE</quote> pour plus " "de détails sur la configuration d'un domaine SSSD. <placeholder type=" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:572 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " "example shows only configuration of Kerberos authentication; it does not " "include any identity provider." msgstr "" "L'exemple suivant suppose que SSSD est correctement configuré et que FOO est " "l'un des domaines de la section <replaceable>[sssd]</replaceable>. Cet " "exemple montre uniquement la configuration de l'authentification Kerberos, " "et n'inclut aucun fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-krb5.5.xml:580 #, no-wrap msgid "" "[domain/FOO]\n" "auth_provider = krb5\n" "krb5_server = 192.168.1.1\n" "krb5_realm = EXAMPLE.COM\n" msgstr "" "[domain/FOO]\n" "auth_provider = krb5\n" "krb5_server = 192.168.1.1\n" "krb5_realm = EXAMPLE.COM\n" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 msgid "sss_groupadd" msgstr "sss_groupadd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupadd.8.xml:16 msgid "create a new group" msgstr "Créer un nouveau groupe" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupadd.8.xml:21 msgid "" "<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" "<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:32 msgid "" "<command>sss_groupadd</command> creates a new group. These groups are " "compatible with POSIX groups, with the additional feature that they can " "contain other groups as members." msgstr "" "<command>sss_groupadd</command> crée un nouveau groupe. Ces groupes sont " "compatibles avec les groupes POSIX, avec la caractéristique supplémentaire " "qu'ils peuvent contenir d'autres groupes comme membres." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupadd.8.xml:43 sss_seed.8.xml:88 msgid "" "<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" msgstr "" "<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupadd.8.xml:48 msgid "" "Set the GID of the group to the value of <replaceable>GID</replaceable>. If " "not given, it is chosen automatically." msgstr "" "Positionne le GID du groupe à la valeur <replaceable>GID</replaceable>. Si " "non spécifié, il est choisi automatiquement." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_userdel.8.xml:10 sss_userdel.8.xml:15 msgid "sss_userdel" msgstr "sss_userdel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_userdel.8.xml:16 msgid "delete a user account" msgstr "Supprimer un compte utilisateur" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_userdel.8.xml:21 msgid "" "<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" "<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_userdel.8.xml:32 msgid "" "<command>sss_userdel</command> deletes a user identified by login name " "<replaceable>LOGIN</replaceable> from the system." msgstr "" "<command>sss_userdel</command> supprime du système un utilisateur identifié " "par son identifiant de connexion <replaceable>LOGIN</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:44 msgid "<option>-r</option>,<option>--remove</option>" msgstr "<option>-r</option>,<option>--remove</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:48 msgid "" "Files in the user's home directory will be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" "Les fichiers dans le répertoire ainsi que le répertoire lui-même de " "l'utilisateur et sa messagerie seront supprimés. Outrepasse la configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:56 msgid "<option>-R</option>,<option>--no-remove</option>" msgstr "<option>-R</option>,<option>--no-remove</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:60 msgid "" "Files in the user's home directory will NOT be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" "Les fichiers dans le répertoire ainsi que le répertoire lui-même de " "l'utilisateur et sa messagerie ne seront PAS supprimés. Outrepasse la " "configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:68 msgid "<option>-f</option>,<option>--force</option>" msgstr "<option>-f</option>,<option>--force</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:72 msgid "" "This option forces <command>sss_userdel</command> to remove the user's home " "directory and mail spool, even if they are not owned by the specified user." msgstr "" "Cette option oblige <command>sss_userdel</command> à supprimer le répertoire " "home de l'utilisateur et sa messagerie, même si ils ne sont pas détenus par " "l'utilisateur spécifié." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:80 msgid "<option>-k</option>,<option>--kick</option>" msgstr "<option>-k</option>,<option>--kick</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:84 msgid "Before actually deleting the user, terminate all his processes." msgstr "" "Avant de réellement supprimer l'utilisateur, mettre fin à tous ses processus." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 msgid "sss_groupdel" msgstr "sss_groupdel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupdel.8.xml:16 msgid "delete a group" msgstr "supprimer un groupe" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupdel.8.xml:21 msgid "" "<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" "<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupdel.8.xml:32 msgid "" "<command>sss_groupdel</command> deletes a group identified by its name " "<replaceable>GROUP</replaceable> from the system." msgstr "" "<command>sss_groupdel</command> supprime du système un groupe identifié par " "son nom de groupe <replaceable>GROUPE</replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 msgid "sss_groupshow" msgstr "sss_groupshow" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupshow.8.xml:16 msgid "print properties of a group" msgstr "affiche les propriétés d'un groupe" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupshow.8.xml:21 msgid "" "<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" "<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupshow.8.xml:32 msgid "" "<command>sss_groupshow</command> displays information about a group " "identified by its name <replaceable>GROUP</replaceable>. The information " "includes the group ID number, members of the group and the parent group." msgstr "" "<command>sss_groupshow</command> affiche des informations sur un groupe " "identifié par son nom <replaceable>GROUPE</replaceable>. Les informations " "incluent l'ID de groupe, les membres du groupe ainsi que le groupe parent." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupshow.8.xml:43 msgid "<option>-R</option>,<option>--recursive</option>" msgstr "<option>-R</option>,<option>--recursive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupshow.8.xml:47 msgid "" "Also print indirect group members in a tree-like hierarchy. Note that this " "also affects printing parent groups - without <option>R</option>, only the " "direct parent will be printed." msgstr "" "Affiche aussi les membres indirects de groupe dans une hiérarchie " "arborescente. Noter que cela affecte également les affichages de groupes " "parents - sans l'option <option>R</option>, seul le parent direct sera " "affiché." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_usermod.8.xml:10 sss_usermod.8.xml:15 msgid "sss_usermod" msgstr "sss_usermod" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_usermod.8.xml:16 msgid "modify a user account" msgstr "modifier un compte utilisateur" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_usermod.8.xml:21 msgid "" "<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" "<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_usermod.8.xml:32 msgid "" "<command>sss_usermod</command> modifies the account specified by " "<replaceable>LOGIN</replaceable> to reflect the changes that are specified " "on the command line." msgstr "" "<command>sss_usermod</command> modifie le compte défini par " "<replaceable>LOGIN</replaceable> pour refléter les modifications fournies en " "ligne de commande." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:60 msgid "The home directory of the user account." msgstr "Le répertoire personnel du compte utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:71 msgid "The user's login shell." msgstr "L'interpréteur de commandes de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:82 msgid "" "Append this user to groups specified by the <replaceable>GROUPS</" "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " "a comma separated list of group names." msgstr "" "Ajouter cet utilisateur aux groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>. Le paramètre <replaceable>GROUPS</" "replaceable> est une liste séparée par des virgules de noms de groupes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:96 msgid "" "Remove this user from groups specified by the <replaceable>GROUPS</" "replaceable> parameter." msgstr "" "Retirer cet utilisateur de groupes spécifiés par le paramètre " "<replaceable>GROUPS</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:103 msgid "<option>-l</option>,<option>--lock</option>" msgstr "<option>-l</option>,<option>--lock</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:107 msgid "Lock the user account. The user won't be able to log in." msgstr "Verrouiller le compte utilisateur. Il ne pourra plus se connecter." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:114 msgid "<option>-u</option>,<option>--unlock</option>" msgstr "<option>-u</option>,<option>--unlock</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:118 msgid "Unlock the user account." msgstr "Déverrouiller le compte utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:129 msgid "The SELinux user for the user's login." msgstr "" "L'utilisateur SELinux pour l'identifiant de connexion de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:135 msgid "<option>--addattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" msgstr "<option>--addattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:140 msgid "Add an attribute/value pair. The format is attrname=value." msgstr "Ajouter une paire attribut/valeur. Le format est nom_attribut=valeur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:147 msgid "<option>--setattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" msgstr "<option>--setattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:152 msgid "" "Set an attribute to a name/value pair. The format is attrname=value. For " "multi-valued attributes, the command replaces the values already present" msgstr "" "Définir une paire attribut/valeur. Le format est nom_attribut=valeur. Pour " "les attributs multi-valués, la commande remplace les valeurs déjà présentes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:160 msgid "<option>--delattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" msgstr "<option>--delattr</option> <replaceable>ATTR_NAME_VAL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:165 msgid "Delete an attribute/value pair. The format is attrname=value." msgstr "" "Supprimer une paire attribut/valeur. Le format est nom_attribut=valeur." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_cache.8.xml:10 sss_cache.8.xml:15 msgid "sss_cache" msgstr "sss_cache" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_cache.8.xml:16 msgid "perform cache cleanup" msgstr "effectue le nettoyage du cache" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_cache.8.xml:21 msgid "" "<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" msgstr "" "<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_cache.8.xml:31 msgid "" "<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " "records are forced to be reloaded from server as soon as related SSSD " "backend is online. Options that invalidate a single object only accept a " "single provided argument." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:43 msgid "<option>-E</option>,<option>--everything</option>" msgstr "<option>-E</option>,<option>--everything</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:47 msgid "Invalidate all cached entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:53 msgid "" "<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" msgstr "" "<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:58 msgid "Invalidate specific user." msgstr "Invalider un utilisateur spécifique." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:64 msgid "<option>-U</option>,<option>--users</option>" msgstr "<option>-U</option>,<option>--users</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:68 msgid "" "Invalidate all user records. This option overrides invalidation of specific " "user if it was also set." msgstr "" "L'annulation de tous les enregistrements d'utilisateur. Cette option prend " "le pas sur l'invalidation d'un utilisateur spécifique, si elle a été " "également configuré." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:75 msgid "" "<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" msgstr "" "<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:80 msgid "Invalidate specific group." msgstr "L'annulation de groupe spécifique." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:86 msgid "<option>-G</option>,<option>--groups</option>" msgstr "<option>-G</option>,<option>--groups</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:90 msgid "" "Invalidate all group records. This option overrides invalidation of specific " "group if it was also set." msgstr "" "L'annulation de tous les enregistrements de groupe. Cette option prend le " "pas sur l'invalidation d'un groupe spécifique si elle a été également " "définie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:97 msgid "" "<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" "replaceable>" msgstr "" "<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:102 msgid "Invalidate specific netgroup." msgstr "Invalide un netgroup spécifique." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:108 msgid "<option>-N</option>,<option>--netgroups</option>" msgstr "<option>-N</option>,<option>--netgroups</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:112 msgid "" "Invalidate all netgroup records. This option overrides invalidation of " "specific netgroup if it was also set." msgstr "" "Invalider tous les enregistrements de netgroup. Cette option prend le pas " "sur l'invalidation de netgroup spécifiques s'il a été également définie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:119 msgid "" "<option>-s</option>,<option>--service</option> <replaceable>service</" "replaceable>" msgstr "" "<option>-s</option>,<option>--service</option> <replaceable>service</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:124 msgid "Invalidate specific service." msgstr "Invalider le service spécifique." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:130 msgid "<option>-S</option>,<option>--services</option>" msgstr "<option>-S</option>,<option>--services</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:134 msgid "" "Invalidate all service records. This option overrides invalidation of " "specific service if it was also set." msgstr "" "Invalider tous les enregistrements de service. Cette option se substitue à " "l'invalidation de service spécifique s'elle a également été définie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:141 msgid "" "<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</" "replaceable>" msgstr "" "<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:146 msgid "Invalidate specific autofs maps." msgstr "Invalider des cartes autofs spécifiques." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:152 msgid "<option>-A</option>,<option>--autofs-maps</option>" msgstr "<option>-A</option>,<option>--autofs-maps</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:156 msgid "" "Invalidate all autofs maps. This option overrides invalidation of specific " "map if it was also set." msgstr "" "Invalider toutes les cartes autofs. Cette option remplace l'invalidation de " "carte spécifique s'elle a également été définie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:163 msgid "" "<option>-h</option>,<option>--ssh-host</option> <replaceable>hostname</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:168 msgid "Invalidate SSH public keys of a specific host." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:174 msgid "<option>-H</option>,<option>--ssh-hosts</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:178 msgid "" "Invalidate SSH public keys of all hosts. This option overrides invalidation " "of SSH public keys of specific host if it was also set." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:186 msgid "" "<option>-r</option>,<option>--sudo-rule</option> <replaceable>rule</" "replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:191 msgid "Invalidate particular sudo rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:197 msgid "<option>-R</option>,<option>--sudo-rules</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:201 msgid "" "Invalidate all cached sudo rules. This option overrides invalidation of " "specific sudo rule if it was also set." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_cache.8.xml:209 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" msgstr "" "<option>-d</option>,<option>--domain</option> <replaceable>domain</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_cache.8.xml:214 msgid "Restrict invalidation process only to a particular domain." msgstr "Restreindre le processus d'invalidation à un domaine particulier." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 msgid "sss_debuglevel" msgstr "sss_debuglevel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_debuglevel.8.xml:16 #, fuzzy #| msgid "change debug level while SSSD is running" msgid "[DEPRECATED] change debug level while SSSD is running" msgstr "modifie le niveau de débogage pendant l'exécution de SSSD" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_debuglevel.8.xml:21 msgid "" "<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" "replaceable></arg>" msgstr "" "<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" "replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_debuglevel.8.xml:32 msgid "" "<command>sss_debuglevel</command> is deprecated and replaced by the sssctl " "debug-level command. Please refer to the <command>sssctl</command> man page " "for more information on sssctl usage." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_seed.8.xml:10 sss_seed.8.xml:15 msgid "sss_seed" msgstr "sss_seed" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_seed.8.xml:16 msgid "seed the SSSD cache with a user" msgstr "initialise le cache SSSD avec un utilisateur" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_seed.8.xml:21 msgid "" "<command>sss_seed</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</" "replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></" "arg>" msgstr "" "<command>sss_seed</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</" "replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></" "arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_seed.8.xml:33 msgid "" "<command>sss_seed</command> seeds the SSSD cache with a user entry and " "temporary password. If a user entry is already present in the SSSD cache " "then the entry is updated with the temporary password." msgstr "" "<command>sss_seed</command> initialise le cache SSSD avec une entrée " "d'utilisateur et le mot de passe temporaire. Si une entrée d'utilisateur est " "déjà présente dans le cache de SSSD, l'entrée est mise à jour avec le mot de " "passe temporaire." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_seed.8.xml:46 msgid "" "<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" msgstr "" "<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:51 msgid "" "Provide the name of the domain in which the user is a member of. The domain " "is also used to retrieve user information. The domain must be configured in " "sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. " "Information retrieved from the domain overrides what is provided in the " "options." msgstr "" "Indique le nom de domaine duquel l'utilisateur est membre. Le domaine est " "également utilisé pour récupérer les informations sur l'utilisateur. Le " "domaine doit être configuré dans sssd.conf. L'option <replaceable>DOMAIN</" "replaceable> doit être fournie. Les informations récupérées depuis le " "domaine prennent le pas sur ce qui est fourni dans les options." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_seed.8.xml:63 msgid "" "<option>-n</option>,<option>--username</option> <replaceable>USER</" "replaceable>" msgstr "" "<option>-n</option>,<option>--username</option> <replaceable>USER</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:68 msgid "" "The username of the entry to be created or modified in the cache. The " "<replaceable>USER</replaceable> option must be provided." msgstr "" "Le nom d'utilisateur de l'entrée devant être créée ou modifiée dans le " "cache. L'option <replaceable>USER</replaceable> doit être fournie." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:81 msgid "Set the UID of the user to <replaceable>UID</replaceable>." msgstr "Définit l'UID de l'utilisateur à <replaceable>UID</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:93 msgid "Set the GID of the user to <replaceable>GID</replaceable>." msgstr "Définit le GID de l'utilisateur à <replaceable>GID</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:117 msgid "" "Set the home directory of the user to <replaceable>HOME_DIR</replaceable>." msgstr "" "Définit le répertoire de l'utilisateur à <replaceable>HOME_DIR</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:129 msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>." msgstr "" "Définit l'interpréteur de commande de l'utilisateur à <replaceable>SHELL</" "replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:140 msgid "" "Interactive mode for entering user information. This option will only prompt " "for information not provided in the options or retrieved from the domain." msgstr "" "Mode interactif pour la saisie des informations de l'utilisateur. Cette " "option invite uniquement à la saisir des renseignements non fournis dans les " "options ou non récupérés à partir du domaine." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_seed.8.xml:148 msgid "" "<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</" "replaceable>" msgstr "" "<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</" "replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_seed.8.xml:153 msgid "" "Specify file to read user's password from. (if not specified password is " "prompted for)" msgstr "" "Spécifie le fichier dans lequel lire le mot de passe de l'utilisateur. (si " "aucun mot de passe n'est spécifié, il sera demandé)" #. type: Content of: <reference><refentry><refsect1><para> #: sss_seed.8.xml:165 msgid "" "The length of the password (or the size of file specified with -p or --" "password-file option) must be less than or equal to PASS_MAX bytes (64 bytes " "on systems with no globally-defined PASS_MAX value)." msgstr "" "La taille du mot de passe (ou la taille du fichier spécifié avec l'option -p " "ou --password-file) doit être inférieure ou égale à PASS_MAX octets (64 " "octets sur les systèmes sans valeur globale définie de PASS_MAX)." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ifp.5.xml:10 sssd-ifp.5.xml:16 msgid "sssd-ifp" msgstr "sssd-ifp" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ifp.5.xml:17 msgid "SSSD InfoPipe responder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ifp.5.xml:23 msgid "" "This manual page describes the configuration of the InfoPipe responder for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ifp.5.xml:36 msgid "" "The InfoPipe responder provides a public D-Bus interface accessible over the " "system bus. The interface allows the user to query information about remote " "users and groups over the system bus." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ifp.5.xml:46 msgid "These options can be used to configure the InfoPipe responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:53 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the InfoPipe responder. User names are resolved to UIDs at " "startup." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:59 msgid "" "Default: 0 (only the root user is allowed to access the InfoPipe responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:63 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " "access the InfoPipe responder, which would be the typical case, you have to " "add 0 to the list of allowed UIDs as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:77 msgid "Specifies the comma-separated list of white or blacklisted attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:91 msgid "name" msgstr "name" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:92 msgid "user's login name" msgstr "identifiant de connexion de l'utilisateur" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:95 msgid "uidNumber" msgstr "uidNumber" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:96 msgid "user ID" msgstr "identifiant de l'utilisateur" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:99 msgid "gidNumber" msgstr "gidNumber" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:100 msgid "primary group ID" msgstr "identifiant de groupe primaire" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:103 msgid "gecos" msgstr "gecos" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:104 msgid "user information, typically full name" msgstr "informations utilisateur, généralement le nom complet" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:107 msgid "homeDirectory" msgstr "homeDirectory" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-ifp.5.xml:111 msgid "loginShell" msgstr "loginShell" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:112 msgid "user shell" msgstr "interpréteur de commande" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:81 msgid "" "By default, the InfoPipe responder only allows the default set of POSIX " "attributes to be requested. This set is the same as returned by " "<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry> and includes: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ifp.5.xml:125 #, no-wrap msgid "" "user_attributes = +telephoneNumber, -loginShell\n" " " msgstr "" "user_attributes = +telephoneNumber, -loginShell\n" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:117 msgid "" "It is possible to add another attribute to this set by using <quote>" "+attr_name</quote> or explicitly remove an attribute using <quote>-" "attr_name</quote>. For example, to allow <quote>telephoneNumber</quote> but " "deny <quote>loginShell</quote>, you would use the following configuration: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:129 msgid "Default: not set. Only the default set of POSIX attributes is allowed." msgstr "" "Par défaut : non défini. Seul le jeu d'attributs POSIX par défaut est " "autorisé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:139 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup that overrides caller-supplied limit." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ifp.5.xml:144 msgid "Default: 0 (let the caller set an upper limit)" msgstr "" #. type: Content of: <reference><refentry><refentryinfo> #: sss_rpcidmapd.5.xml:8 msgid "" "<productname>sss rpc.idmapd plugin</productname> <author> <firstname>Noam</" "firstname> <surname>Meltzer</surname> <affiliation> <orgname>Primary Data " "Inc.</orgname> </affiliation> <contrib>Developer (2013-2014)</contrib> </" "author> <author> <firstname>Noam</firstname> <surname>Meltzer</surname> " "<contrib>Developer (2014-)</contrib> <email>tsnoam@gmail.com</email> </" "author>" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_rpcidmapd.5.xml:26 sss_rpcidmapd.5.xml:32 msgid "sss_rpcidmapd" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_rpcidmapd.5.xml:33 msgid "sss plugin configuration directives for rpc.idmapd" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_rpcidmapd.5.xml:37 msgid "CONFIGURATION FILE" msgstr "FICHIER DE CONFIGURATION" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:39 msgid "" "rpc.idmapd configuration file is usually found at <emphasis>/etc/idmapd." "conf</emphasis>. See <citerefentry> <refentrytitle>idmapd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_rpcidmapd.5.xml:49 msgid "SSS CONFIGURATION EXTENSION" msgstr "EXTENSION DE CONFIGURATION SSS" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss_rpcidmapd.5.xml:51 msgid "Enable SSS plugin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_rpcidmapd.5.xml:53 msgid "" "In section <quote>[Translation]</quote>, modify/set <quote>Method</quote> " "attribute to contain <emphasis>sss</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss_rpcidmapd.5.xml:59 msgid "[sss] config section" msgstr "Section de configuration [sss]" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_rpcidmapd.5.xml:61 msgid "" "In order to change the default of one of the configuration attributes of the " "<emphasis>sss</emphasis> plugin listed below you will need to create a " "config section for it, named <quote>[sss]</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> #: sss_rpcidmapd.5.xml:67 msgid "Configuration attributes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sss_rpcidmapd.5.xml:69 msgid "memcache (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sss_rpcidmapd.5.xml:72 msgid "Indicates whether or not to use memcache optimisation technique." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sss_rpcidmapd.5.xml:85 msgid "SSSD INTEGRATION" msgstr "INTÉGRATION SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:87 msgid "" "The sss plugin requires the <emphasis>NSS Responder</emphasis> to be enabled " "in sssd." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:91 msgid "" "The attribute <quote>use_fully_qualified_names</quote> must be enabled on " "all domains (NFSv4 clients expect a fully qualified name to be sent on the " "wire)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sss_rpcidmapd.5.xml:103 #, no-wrap msgid "" "[General]\n" "Verbosity = 2\n" "# domain must be synced between NFSv4 server and clients\n" "# Solaris/Illumos/AIX use \"localdomain\" as default!\n" "Domain = default\n" "\n" "[Mapping]\n" "Nobody-User = nfsnobody\n" "Nobody-Group = nfsnobody\n" "\n" "[Translation]\n" "Method = sss\n" msgstr "" "[General]\n" "Verbosity = 2\n" "# domain must be synced between NFSv4 server and clients\n" "# Solaris/Illumos/AIX use \"localdomain\" as default!\n" "Domain = default\n" "\n" "[Mapping]\n" "Nobody-User = nfsnobody\n" "Nobody-Group = nfsnobody\n" "\n" "[Translation]\n" "Method = sss\n" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:100 msgid "" "The following example shows a minimal idmapd.conf which makes use of the sss " "plugin. <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <refsect1><title> #: sss_rpcidmapd.5.xml:120 sssd-kcm.8.xml:180 include/seealso.xml:2 msgid "SEE ALSO" msgstr "VOIR AUSSI" #. type: Content of: <reference><refentry><refsect1><para> #: sss_rpcidmapd.5.xml:122 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>" msgstr "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>idmapd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" msgstr "sss_ssh_authorizedkeys" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 msgid "1" msgstr "1" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_ssh_authorizedkeys.1.xml:16 msgid "get OpenSSH authorized keys" msgstr "obtient les clés OpenSSH autorisées" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_ssh_authorizedkeys.1.xml:21 msgid "" "<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " "<replaceable>options</replaceable> </arg> <arg " "choice='plain'><replaceable>USER</replaceable></arg>" msgstr "" "<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " "<replaceable>options</replaceable> </arg> <arg " "choice='plain'><replaceable>USER</replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_authorizedkeys.1.xml:32 msgid "" "<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " "<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " "format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " "<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> for more information)." msgstr "" "<command>sss_ssh_authorizedkeys</command> acquiert les clés publiques SSH " "pour <replaceable>USER</replaceable> et les renvoie dans le format " "authorized_keys de OpenSSH (cf. la section <quote>FORMAT DE FICHIER " "AUTHORIZED_KEYS</quote> de <citerefentry><refentrytitle>sshd</refentrytitle> " "<manvolnum>8</manvolnum></citerefentry> pour plus d'informations)." #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_authorizedkeys.1.xml:41 msgid "" "<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" "command> for public key user authentication if it is compiled with support " "for <quote>AuthorizedKeysCommand</quote> option. Please refer to the " "<citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> man page for more details about this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sss_ssh_authorizedkeys.1.xml:59 #, no-wrap msgid "" " AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" " AuthorizedKeysCommandUser nobody\n" msgstr "" " AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" " AuthorizedKeysCommandUser nobody\n" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_authorizedkeys.1.xml:52 msgid "" "If <quote>AuthorizedKeysCommand</quote> is supported, " "<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" "citerefentry> can be configured to use it by putting the following " "directives in <citerefentry> <refentrytitle>sshd_config</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry>: <placeholder type=\"programlisting" "\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_authorizedkeys.1.xml:75 msgid "" "Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." msgstr "" "Rechercher des clés publiques dans le domaine SSSD <replaceable>DOMAIN</" "replaceable>." #. type: Content of: <reference><refentry><refsect1><title> #: sss_ssh_authorizedkeys.1.xml:84 sss_ssh_knownhostsproxy.1.xml:92 msgid "EXIT STATUS" msgstr "CODE RETOUR" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_authorizedkeys.1.xml:86 sss_ssh_knownhostsproxy.1.xml:94 msgid "" "In case of success, an exit value of 0 is returned. Otherwise, 1 is returned." msgstr "" "Dans le cas d'un opération achevée avec succès, une valeur de retour de 0 " "est renvoyée. Dans le cas contraire, 1 est renvoyé." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 msgid "sss_ssh_knownhostsproxy" msgstr "sss_ssh_knownhostsproxy" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_ssh_knownhostsproxy.1.xml:16 msgid "get OpenSSH host keys" msgstr "obtenir les clés d'hôtes OpenSSH" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_ssh_knownhostsproxy.1.xml:21 msgid "" "<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " "<replaceable>options</replaceable> </arg> <arg " "choice='plain'><replaceable>HOST</replaceable></arg> <arg " "choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" msgstr "" "<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " "<replaceable>options</replaceable> </arg> <arg " "choice='plain'><replaceable>HOST</replaceable></arg> <arg " "choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_knownhostsproxy.1.xml:33 msgid "" "<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " "host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " "known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " "of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" "manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" "pubconf/known_hosts</filename> and establishes the connection to the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_knownhostsproxy.1.xml:43 msgid "" "If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " "create the connection to the host instead of opening a socket." msgstr "" "Si <replaceable>PROXY_COMMAND</replaceable> est indiqué, elle est alors " "utilisée pour établier la connexion vers le système au lieu d'ouvrir une " "socket." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sss_ssh_knownhostsproxy.1.xml:55 #, no-wrap msgid "" "ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" "GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n" msgstr "" "ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" "GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n" #. type: Content of: <reference><refentry><refsect1><para> #: sss_ssh_knownhostsproxy.1.xml:48 msgid "" "<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" "citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" "command> for host key authentication by using the following directives for " "<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" "citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" "<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" "citerefentry> peut être configuré pour utiliser " "<command>sss_ssh_knownhostsproxy</command> pour l'authentication par clés en " "utilisant les directives suivantes pour la configuration de " "<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" "citerefentry> : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:66 msgid "" "<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" msgstr "" "<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:71 msgid "" "Use port <replaceable>PORT</replaceable> to connect to the host. By " "default, port 22 is used." msgstr "" "Utiliser le port <replaceable>PORT</replaceable> pour se connecter au " "système. Par défaut, le port 22 est utilisé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:83 msgid "" "Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." msgstr "" "Rechercher les clés publiques dans le domaine SSSD <replaceable>DOMAINE</" "replaceable> hôte." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 msgid "idmap_sss" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: idmap_sss.8.xml:16 msgid "SSSD's idmap_sss Backend for Winbind" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: idmap_sss.8.xml:22 msgid "" "The idmap_sss module provides a way to call SSSD to map UIDs/GIDs and SIDs. " "No database is required in this case as the mapping is done by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: idmap_sss.8.xml:29 msgid "IDMAP OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: idmap_sss.8.xml:33 msgid "range = low - high" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: idmap_sss.8.xml:35 msgid "" "Defines the available matching UID and GID range for which the backend is " "authoritative." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: idmap_sss.8.xml:45 msgid "" "This example shows how to configure idmap_sss as the default mapping module." msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> #: idmap_sss.8.xml:50 #, no-wrap msgid "" "[global]\n" "security = domain\n" "workgroup = MAIN\n" "\n" "idmap config * : backend = sss\n" "idmap config * : range = 200000-2147483647\n" " " msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssctl.8.xml:10 sssctl.8.xml:15 msgid "sssctl" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssctl.8.xml:16 msgid "SSSD control and status utility" msgstr "" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sssctl.8.xml:21 msgid "" "<command>sssctl</command> <arg choice='plain'><replaceable>COMMAND</" "replaceable></arg> <arg choice='opt'> <replaceable>options</replaceable> </" "arg>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssctl.8.xml:32 msgid "" "<command>sssctl</command> provides a simple and unified way to obtain " "information about SSSD status, such as active server, auto-discovered " "servers, domains and cached objects. In addition, it can manage SSSD data " "files for troubleshooting in such a way that is safe to manipulate while " "SSSD is running." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssctl.8.xml:43 msgid "" "To list all available commands run <command>sssctl</command> without any " "parameters. To print help for selected command run <command>sssctl COMMAND --" "help</command>." msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-files.5.xml:10 sssd-files.5.xml:16 msgid "sssd-files" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-files.5.xml:17 msgid "SSSD files provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:23 msgid "" "This manual page describes the files provider for <citerefentry> " "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:36 msgid "" "The files provider mirrors the content of the <citerefentry> " "<refentrytitle>passwd</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> and <citerefentry> <refentrytitle>group</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> files. The purpose of the files " "provider is to make the users and groups traditionally only accessible with " "NSS interfaces also available through the SSSD interfaces such as " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 msgid "" "The files provider has no specific options of its own, however, generic SSSD " "domain options can be set where applicable. Refer to the section " "<quote>DOMAIN SECTIONS</quote> of the <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for details on the configuration of an SSSD domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:73 msgid "" "The following example assumes that SSSD is correctly configured and files is " "one of the domains in the <replaceable>[sssd]</replaceable> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-files.5.xml:79 #, no-wrap msgid "" "[domain/files]\n" "id_provider = files\n" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-secrets.5.xml:10 sssd-secrets.5.xml:16 msgid "sssd-secrets" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-secrets.5.xml:17 msgid "SSSD Secrets responder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:23 msgid "" "This manual page describes the configuration of the Secrets responder for " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:36 msgid "" "Many system and user applications need to store private information such as " "passwords or service keys and have no good way to properly deal with them. " "The simple approach is to embed these <quote>secrets</quote> into " "configuration files potentially ending up exposing sensitive key material to " "backups, config management system and in general making it harder to secure " "data." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:45 msgid "" "The <ulink url=\"https://github.com/latchset/custodia\">custodia</ulink> " "project was born to deal with this problem in cloud like environments, but " "we found the idea compelling even at a single system level. As a security " "service, SSSD is ideal to host this capability while offering the same API " "via a Unix Socket. This will make it possible to use local calls and have " "them transparently routed to a local or a remote key management store like " "IPA Vault for storage, escrow and recovery." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:55 msgid "" "The secrets are simple key-value pairs. Each user's secrets are namespaced " "using their user ID, which means the secrets will never collide between " "users. Secrets can be stored inside <quote>containers</quote> which can be " "nested." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-secrets.5.xml:69 msgid "secrets" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:70 msgid "secrets for general usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-secrets.5.xml:73 msgid "kcm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:75 #, fuzzy #| msgid "" #| "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " #| "<manvolnum>8</manvolnum> </citerefentry> to specify the default " #| "permissions on a newly created home directory." msgid "" "used by the <citerefentry> <refentrytitle>sssd-kcm</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> service." msgstr "" "Utilisé par <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> pour spécifier les permissions par " "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:61 msgid "" "Since the secrets responder can be used both externally to store general " "secrets, as described in the rest of this man page, but also internally by " "other SSSD components to store their secret material, some configuration " "options, like quotas can be configured per <quote>hive</quote> in a " "configuration subsection named after the hive. The currently supported hives " "are: <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-secrets.5.xml:89 msgid "USING THE SECRETS RESPONDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:91 msgid "" "The UNIX socket the SSSD responder listens on is located at <filename>/var/" "run/secrets.socket</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-secrets.5.xml:110 #, no-wrap msgid "" "systemctl start sssd-secrets.socket\n" "systemctl enable sssd-secrets.socket\n" "systemctl enable sssd-secrets.service\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:95 msgid "" "The secrets responder is socket-activated by <citerefentry> " "<refentrytitle>systemd</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry>. Unlike other SSSD responders, it cannot be started by adding " "the <quote>secrets</quote> string to the <quote>service</quote> directive. " "The systemd socket unit is called <quote>sssd-secrets.socket</quote> and the " "corresponding service file is called <quote>sssd-secrets.service</quote>. In " "order for the service to be socket-activated, make sure the socket is " "enabled and active and the service is enabled: <placeholder type=" "\"programlisting\" id=\"0\"/> Please note your distribution may already " "configure the units for you." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:122 msgid "" "The generic SSSD responder options such as <quote>debug_level</quote> or " "<quote>fd_limit</quote> are accepted by the secrets responder. Please refer " "to the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for a complete list. In addition, " "there are some secrets-specific options as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:132 msgid "" "The secrets responder is configured with a global <quote>[secrets]</quote> " "section and an optional per-user <quote>[secrets/users/$uid]</quote> section " "in <filename>sssd.conf</filename>. Please note that some options, notably as " "the provider type, can only be specified in the per-user subsections." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:141 msgid "provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-secrets.5.xml:157 msgid "local" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:160 msgid "" "The secrets are stored in a local database, encrypted at rest with a master " "key. The local provider does not have any additional config options at the " "moment." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-secrets.5.xml:168 msgid "proxy" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:171 msgid "" "The secrets responder forwards the requests to a Custodia server. The proxy " "provider supports several additional options (see below)." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:144 msgid "" "This option specifies where should the secrets be stored. The secrets " "responder can configure a per-user subsections (e.g. <quote>[secrets/" "users/123]</quote> - see bottom of this manual page for a full example using " "Custodia for a particular user) that define which provider store the secrets " "for this particular user. The per-user subsections should contain all " "options for that user's provider. Please note that currently the global " "provider is always local, the proxy provider can only be specified in a per-" "user section. The following providers are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:180 msgid "Default: local" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:186 msgid "" "The following options affect only the secrets <quote>hive</quote> and " "therefore should be set in a per-hive subsection. Setting the option to 0 " "means \"unlimited\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:192 msgid "containers_nest_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:195 msgid "This option specifies the maximum allowed number of nested containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:199 msgid "Default: 4" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:204 msgid "max_secrets (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:207 msgid "" "This option specifies the maximum number of secrets that can be stored in " "the hive." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:211 msgid "Default: 1024 (secrets hive), 256 (kcm hive)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:216 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "max_uid_secrets (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:219 msgid "" "This option specifies the maximum number of secrets that can be stored per-" "UID in the hive." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:223 msgid "Default: 256 (secrets hive), 64 (kcm hive)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:228 msgid "max_payload_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:231 msgid "" "This option specifies the maximum payload size allowed for a secret payload " "in kilobytes." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:235 msgid "Default: 16 (secrets hive), 65536 (64 MiB) (kcm hive)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-secrets.5.xml:244 #, no-wrap msgid "" "[secrets/secrets]\n" "max_payload_size = 128\n" "\n" "[secrets/kcm]\n" "max_payload_size = 256\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:241 msgid "" "For example, to adjust quotas differently for both the <quote>secrets</" "quote> and the <quote>kcm</quote> hives, configure the following: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:252 msgid "" "The following options are only applicable for configurations that use the " "<quote>proxy</quote> provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:257 msgid "proxy_url (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:260 msgid "" "The URL the Custodia server is listening on. At the moment, http and https " "protocols are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:267 msgid "http[s]://<host>[:port]" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:270 msgid "Example: http://localhost:8080" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:275 msgid "auth_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:278 msgid "" "The method to use when authenticating to a Custodia server. The following " "authentication methods are supported:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><variablelist><varlistentry><term> #: sssd-secrets.5.xml:283 msgid "basic_auth" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:286 msgid "" "Authenticate with a username and a password as set in the <quote>username</" "quote> and <quote>password</quote> options." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><variablelist><varlistentry><term> #: sssd-secrets.5.xml:293 msgid "header" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:296 msgid "" "Authenticate with HTTP header value as defined in the " "<quote>auth_header_name</quote> and <quote>auth_header_value</quote> " "configuration options." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:307 msgid "auth_header_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:310 msgid "" "If set, the secrets responder would put a header with this name into the " "HTTP request with the value defined in the <quote>auth_header_value</quote> " "configuration option." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:315 msgid "Example: MYSECRETNAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:320 msgid "auth_header_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:323 msgid "" "The value sssd-secrets would use for the <quote>auth_header_name</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:327 msgid "Example: mysecret" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:332 msgid "forward_headers (list of strings)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:335 msgid "" "The list of HTTP headers to forward to the Custodia server together with the " "request." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:344 msgid "verify_peer (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:347 msgid "" "Whether peer's certificate should be verified and valid if HTTPS protocol is " "used with the proxy provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:356 msgid "verify_host (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:359 msgid "" "Whether peer's hostname must match with hostname in its certificate if HTTPS " "protocol is used with the proxy provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:369 msgid "capath (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:372 msgid "" "Path to directory containing stored certificate authority certificates. " "System default path is used if this option is not set." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:382 msgid "cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:385 msgid "" "Path to file containing server's certificate authority certificate. If this " "option is not set then the CA's certificate is looked up in <quote>capath</" "quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:395 msgid "cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:398 msgid "" "Path to file containing client's certificate if required by the server. This " "file may also contain private key or the private key may be in separate file " "set with <quote>key</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:409 msgid "key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:412 msgid "Path to file containing client's private key." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-secrets.5.xml:422 msgid "USING THE REST API" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:424 msgid "" "This section lists the available commands and includes examples using the " "<citerefentry> <refentrytitle>curl</refentrytitle> <manvolnum>1</manvolnum> " "</citerefentry> utility. All requests towards the proxy provider must set " "the Content Type header to <quote>application/json</quote>. In addition, the " "local provider also supports Content Type set to <quote>application/octet-" "stream</quote>. Secrets stored with requests that set the Content Type " "header to <quote>application/octet-stream</quote> are base64-encoded when " "stored and decoded when retrieved, so it's not possible to store a secret " "with one Content Type and retrieve with another. The secret URI must begin " "with <filename>/secrets/</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:441 msgid "Listing secrets" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:444 msgid "" "To list the available secrets, send a HTTP GET request with a trailing slash " "appended to the container path." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:450 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XGET http://localhost/secrets/\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:458 msgid "Retrieving a secret" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:461 msgid "" "To read a value of a single secret, send a HTTP GET request without a " "trailing slash. The last portion of the URI is the name of the secret." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:468 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XGET http://localhost/secrets/foo\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:473 #, no-wrap msgid "" "curl -H \"Content-Type: application/octet-stream\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XGET http://localhost/secrets/bar\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:466 msgid "" "Examples: <placeholder type=\"programlisting\" id=\"0\"/> <placeholder type=" "\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:481 msgid "Setting a secret" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:484 msgid "" "To set a secret using the <quote>application/json</quote> type, send a HTTP " "PUT request with a JSON payload that includes type and value. The type " "should be set to \"simple\" and the value should be set to the secret value. " "If a secret with that name already exists, the response is a 409 HTTP error." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:492 msgid "" "The <quote>application/json</quote> type just sends the secret as the " "message payload." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:501 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XPUT http://localhost/secrets/foo \\\n" " -d'{\"type\":\"simple\",\"value\":\"foosecret\"}'\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:507 #, no-wrap msgid "" "curl -H \"Content-Type: application/octet-stream\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XPUT http://localhost/secrets/bar \\\n" " -d'barsecret'\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:496 msgid "" "The following example sets a secret named 'foo' to a value of 'foosecret' " "and a secret named 'bar' to a value of 'barsecret' using a different Content " "Type. <placeholder type=\"programlisting\" id=\"0\"/> <placeholder type=" "\"programlisting\" id=\"1\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:516 msgid "Creating a container" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:519 msgid "" "Containers provide an additional namespace for this user's secrets. To " "create a container, send a HTTP POST request, whose URI ends with the " "container name. Please note the URI must end with a trailing slash." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:529 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XPOST http://localhost/secrets/mycontainer/\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:526 msgid "" "The following example creates a container named 'mycontainer': <placeholder " "type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:538 #, no-wrap msgid "" "http://localhost/secrets/mycontainer/mysecret\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:535 msgid "" "To manipulate secrets under this container, just nest the secrets underneath " "the container path: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-secrets.5.xml:544 msgid "Deleting a secret or a container" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:547 msgid "" "To delete a secret or a container, send a HTTP DELETE request with a path to " "the secret or the container." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> #: sssd-secrets.5.xml:553 #, no-wrap msgid "" "curl -H \"Content-Type: application/json\" \\\n" " --unix-socket /var/run/secrets.socket \\\n" " -XDELETE http://localhost/secrets/foo\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-secrets.5.xml:551 msgid "" "The following example deletes a secret named 'foo'. <placeholder type=" "\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-secrets.5.xml:563 msgid "EXAMPLE CUSTODIA AND PROXY PROVIDER CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:565 msgid "" "For testing the proxy provider, you need to set up a Custodia server to " "proxy requests to. Please always consult the Custodia documentation, the " "configuration directives might change with different Custodia versions." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-secrets.5.xml:576 #, no-wrap msgid "" "[global]\n" "server_version = \"Secret/0.0.7\"\n" "server_url = http://localhost:8080/\n" "auditlog = /var/log/custodia.log\n" "debug = True\n" "\n" "[store:simple]\n" "handler = custodia.store.sqlite.SqliteStore\n" "dburi = /var/lib/custodia.db\n" "table = secrets\n" "\n" "[auth:header]\n" "handler = custodia.httpd.authenticators.SimpleHeaderAuth\n" "header = MYSECRETNAME\n" "value = mysecretkey\n" "\n" "[authz:paths]\n" "handler = custodia.httpd.authorizers.SimplePathAuthz\n" "paths = /secrets\n" "\n" "[/]\n" "handler = custodia.root.Root\n" "store = simple\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:570 msgid "" "This configuration will set up a Custodia server listening on http://" "localhost:8080, allowing anyone with header named MYSECRETNAME set to " "mysecretkey to communicate with the Custodia server. Place the contents " "into a file (for example, <replaceable>custodia.conf</replaceable>): " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:602 msgid "" "Then run the <replaceable>custodia</replaceable> command, pointing it at the " "config file as a command line argument." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-secrets.5.xml:606 msgid "" "Please note that currently it's not possible to proxy all requests globally " "to a Custodia instance. Instead, per-user subsections for user IDs that " "should proxy requests to Custodia must be defined. The following example " "illustrates a configuration, where the user with UID 123 would proxy their " "requests to Custodia, but all other user's requests would be handled by a " "local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> #: sssd-secrets.5.xml:614 #, no-wrap msgid "" "[secrets]\n" "\n" "[secrets/users/123]\n" "provider = proxy\n" "proxy_url = http://localhost:8080/secrets/\n" "auth_type = header\n" "auth_header_name = MYSECRETNAME\n" "auth_header_value = mysecretkey\n" " " msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-session-recording.5.xml:16 msgid "sssd-session-recording" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-session-recording.5.xml:17 #, fuzzy #| msgid "Configuring sudo to cooperate with SSSD" msgid "Configuring session recording with SSSD" msgstr "Configuration de sudo pour coopérer avec SSSD" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:23 #, fuzzy #| msgid "" #| "This manual page describes the configuration of the simple access-control " #| "provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " #| "<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax " #| "reference, refer to the <quote>FILE FORMAT</quote> section of the " #| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" #| "manvolnum> </citerefentry> manual page." msgid "" "This manual page describes how to configure <citerefentry> " "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " "to work with <citerefentry> <refentrytitle>tlog-rec-session</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>, a part of tlog package, to " "implement user session recording on text terminals. For a detailed " "configuration syntax reference, refer to the <quote>FILE FORMAT</quote> " "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" "Cette page de manuel décrit la configuration du fournisseur de contrôle " "d'accès simple de <citerefentry> <refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry>. Pour plus de détails sur la " "syntaxe, cf. la section <quote>FORMAT DE FICHIER</quote> de la page de " "manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:41 msgid "" "SSSD can be set up to enable recording of everything specific users see or " "type during their sessions on text terminals. E.g. when users log in on the " "console, or via SSH. SSSD itself doesn't record anything, but makes sure " "tlog-rec-session is started upon user login, so it can record according to " "its configuration." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:48 msgid "" "For users with session recording enabled, SSSD replaces the user shell with " "tlog-rec-session in NSS responses, and adds a variable specifying the " "original shell to the user environment, upon PAM session setup. This way " "tlog-rec-session can be started in place of the user shell, and know which " "actual shell to start, once it set up the recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:60 #, fuzzy #| msgid "These options can be used to configure the PAC responder." msgid "These options can be used to configure the session recording." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-session-recording.5.xml:146 msgid "" "The following snippet of sssd.conf enables session recording for users " "\"contractor1\" and \"contractor2\", and group \"students\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-session-recording.5.xml:151 #, no-wrap msgid "" "[session_recording]\n" "scope = some\n" "users = contractor1, contractor2\n" "groups = students\n" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-kcm.8.xml:10 sssd-kcm.8.xml:16 msgid "sssd-kcm" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-kcm.8.xml:17 msgid "SSSD Kerberos Cache Manager" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:23 msgid "" "This manual page describes the configuration of the SSSD Kerberos Cache " "Manager (KCM). KCM is a process that stores, tracks and manages Kerberos " "credential caches. It originates in the Heimdal Kerberos project, although " "the MIT Kerberos library also provides client side (more details on that " "below) support for the KCM credential cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:31 msgid "" "In a setup where Kerberos caches are managed by KCM, the Kerberos library " "(typically used through an application, like e.g., <citerefentry> " "<refentrytitle>kinit</refentrytitle><manvolnum>1</manvolnum> </" "citerefentry>, is a <quote>\"KCM client\"</quote> and the KCM daemon is " "being referred to as a <quote>\"KCM server\"</quote>. The client and server " "communicate over a UNIX socket." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:42 msgid "" "The KCM server keeps track of each credential caches's owner and performs " "access check control based on the UID and GID of the KCM client. The root " "user has access to all credential caches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:47 msgid "The KCM credential cache has several interesting properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-kcm.8.xml:51 msgid "" "since the process runs in userspace, it is subject to UID namespacing, " "unlike the kernel keyring" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-kcm.8.xml:56 msgid "" "unlike the kernel keyring-based cache, which is shared between all " "containers, the KCM server is a separate process whose entry point is a UNIX " "socket" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-kcm.8.xml:61 msgid "" "the SSSD implementation stores the ccaches in the SSSD <citerefentry> " "<refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry> secrets store, allowing the ccaches to survive KCM server " "restarts or machine reboots." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:69 msgid "" "This allows the system to use a collection-aware credential cache, yet share " "the credential cache between some or no containers by bind-mounting the " "socket." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-kcm.8.xml:76 msgid "USING THE KCM CREDENTIAL CACHE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:86 #, no-wrap msgid "" "[libdefaults]\n" " default_ccache_name = KCM:\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:78 msgid "" "In order to use KCM credential cache, it must be selected as the default " "credential type in <citerefentry> <refentrytitle>krb5.conf</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, The credentials " "cache name must be only <quote>KCM:</quote> without any template " "expansions. For example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:91 msgid "" "Next, make sure the Kerberos client libraries and the KCM server must agree " "on the UNIX socket path. By default, both use the same path <replaceable>/" "var/run/.heim_org.h5l.kcm-socket</replaceable>. To configure the Kerberos " "library, change its <quote>kcm_socket</quote> option which is described in " "the <citerefentry> <refentrytitle>krb5.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:113 #, no-wrap msgid "" "systemctl start sssd-kcm.socket\n" "systemctl enable sssd-kcm.socket\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:102 msgid "" "Finally, make sure the SSSD KCM server can be contacted. The KCM service is " "typically socket-activated by <citerefentry> <refentrytitle>systemd</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry>. Unlike other SSSD " "services, it cannot be started by adding the <quote>kcm</quote> string to " "the <quote>service</quote> directive. <placeholder type=\"programlisting\" " "id=\"0\"/> Please note your distribution may already configure the units for " "you." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-kcm.8.xml:122 msgid "THE CREDENTIAL CACHE STORAGE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:131 #, no-wrap msgid "" "systemctl start sssd-secrets.socket\n" "systemctl enable sssd-secrets.socket\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:124 msgid "" "The credential caches are stored in the SSSD secrets service (see " "<citerefentry> <refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry> for more details). Therefore it is important that " "also the sssd-secrets service is enabled and its socket is started: " "<placeholder type=\"programlisting\" id=\"0\"/> Your distribution should " "already set the dependencies between the services." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:141 msgid "" "The KCM service is configured in the <quote>kcm</quote> section of the sssd." "conf file. Please note that currently, is it not sufficient to restart the " "sssd-kcm service, because the sssd configuration is only parsed and read to " "an internal configuration database by the sssd service. Therefore you must " "restart the sssd service if you change anything in the <quote>kcm</quote> " "section of sssd.conf. For a detailed syntax reference, refer to the " "<quote>FILE FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:155 msgid "" "The generic SSSD service options such as <quote>debug_level</quote> or " "<quote>fd_limit</quote> are accepted by the kcm service. Please refer to " "the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for a complete list. In addition, " "there are some KCM-specific options as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:166 msgid "socket_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:169 msgid "The socket the KCM service will listen on." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:172 msgid "Default: <replaceable>/var/run/.heim_org.h5l.kcm-socket</replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:182 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>," msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-systemtap.5.xml:10 sssd-systemtap.5.xml:16 #, fuzzy #| msgid "sssd-simple" msgid "sssd-systemtap" msgstr "sssd-simple" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-systemtap.5.xml:17 msgid "SSSD systemtap information" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-systemtap.5.xml:23 #, fuzzy #| msgid "" #| "This manual page only describes attribute name mapping. For detailed " #| "explanation of sudo related attribute semantics, see <citerefentry> " #| "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" #| "citerefentry>" msgid "" "This manual page provides information about the systemtap functionality in " "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry>." msgstr "" "Cette page de manuel décrit uniquement le mappage de noms d'attribut. Pour " "une explication détaillée des sémantiques d'attributs relatives à sudo, cf. " "<citerefentry><refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-systemtap.5.xml:32 msgid "" "SystemTap Probe points have been added into various locations in SSSD code " "to assist in troubleshooting and analyzing performance related issues." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-systemtap.5.xml:40 msgid "Sample SystemTap scripts are provided in /usr/share/sssd/systemtap/" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-systemtap.5.xml:46 msgid "" "Probes and miscellaneous functions are defined in /usr/share/systemtap/" "tapset/sssd.stp and /usr/share/systemtap/tapset/sssd_functions.stp " "respectively." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-systemtap.5.xml:57 msgid "PROBE POINTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-systemtap.5.xml:59 sssd-systemtap.5.xml:341 msgid "" "The information below lists the probe points and arguments available in the " "following format:" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:64 #, fuzzy #| msgid "realm name" msgid "probe $name" msgstr "nom de domaine" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:67 msgid "Description of probe point" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:70 #, no-wrap msgid "" "variable1:datatype\n" "variable2:datatype\n" "variable3:datatype\n" "...\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:80 msgid "Database Transaction Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:84 msgid "probe sssd_transaction_start" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:87 msgid "" "Start of a sysdb transaction, probes the sysdb_transaction_start() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:91 sssd-systemtap.5.xml:105 sssd-systemtap.5.xml:118 #: sssd-systemtap.5.xml:131 #, no-wrap msgid "" "nesting:integer\n" "probestr:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:97 msgid "probe sssd_transaction_cancel" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:100 msgid "" "Cancellation of a sysdb transaction, probes the sysdb_transaction_cancel() " "function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:111 msgid "probe sssd_transaction_commit_before" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:114 msgid "Probes the sysdb_transaction_commit_before() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:124 msgid "probe sssd_transaction_commit_after" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:127 msgid "Probes the sysdb_transaction_commit_after() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:141 msgid "LDAP Search Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:145 msgid "probe sdap_search_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:148 msgid "Probes the sdap_get_generic_ext_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:152 sssd-systemtap.5.xml:167 sssd-systemtap.5.xml:196 #, no-wrap msgid "" "base:string\n" "scope:integer\n" "filter:string\n" "probestr:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:160 msgid "probe sdap_search_recv" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:163 msgid "Probes the sdap_get_generic_ext_recv() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:175 msgid "probe sdap_deref_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:178 msgid "Probes the sdap_deref_search_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:182 #, no-wrap msgid "" "base_dn:string\n" "deref_attr:string\n" "probestr:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:189 msgid "probe sdap_deref_recv" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:192 msgid "Probes the sdap_deref_search_recv() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:208 msgid "LDAP Account Request Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:212 msgid "probe sdap_acct_req_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:215 msgid "Probes the sdap_acct_req_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:219 sssd-systemtap.5.xml:234 #, no-wrap msgid "" "entry_type:int\n" "filter_type:int\n" "filter_value:string\n" "extra_value:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:227 msgid "probe sdap_acct_req_recv" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:230 msgid "Probes the sdap_acct_req_recv() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:246 msgid "LDAP User Search Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:250 msgid "probe sdap_search_user_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:253 msgid "Probes the sdap_search_user_send() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:257 sssd-systemtap.5.xml:269 sssd-systemtap.5.xml:281 #: sssd-systemtap.5.xml:293 #, fuzzy, no-wrap #| msgid "" #| "fallback_homedir = /home/%u\n" #| " " msgid "" "filter:string\n" " " msgstr "" "fallback_homedir = /home/%u\n" " " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:262 msgid "probe sdap_search_user_recv" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:265 msgid "Probes the sdap_search_user_recv() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:274 msgid "probe sdap_search_user_save_begin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:277 msgid "Probes the sdap_search_user_save_begin() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:286 msgid "probe sdap_search_user_save_end" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:289 msgid "Probes the sdap_search_user_save_end() function." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:302 msgid "Data Provider Request Probes" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:306 msgid "probe dp_req_send" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:309 msgid "A Data Provider request is submitted." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:312 #, no-wrap msgid "" "dp_req_domain:string\n" "dp_req_name:string\n" "dp_req_target:int\n" "dp_req_method:int\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:320 msgid "probe dp_req_done" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:323 msgid "A Data Provider request is completed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:326 #, no-wrap msgid "" "dp_req_name:string\n" "dp_req_target:int\n" "dp_req_method:int\n" "dp_ret:int\n" "dp_errorstr:string\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-systemtap.5.xml:339 msgid "MISCELLANEOUS FUNCTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:346 msgid "function acct_req_desc(entry_type)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:349 msgid "Convert entry_type to string and return string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:354 msgid "" "function sssd_acct_req_probestr(fc_name, entry_type, filter_type, " "filter_value, extra_value)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:358 msgid "Create probe string based on filter type" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:363 msgid "function dp_target_str(target)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:366 msgid "Convert target to string and return string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:371 msgid "function dp_method_str(target)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:374 msgid "Convert method to string and return string" msgstr "" #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" msgstr "DÉCOUVERTE DE SERVICE" #. type: Content of: <refsect1><para> #: include/service_discovery.xml:4 msgid "" "The service discovery feature allows back ends to automatically find the " "appropriate servers to connect to using a special DNS query. This feature is " "not supported for backup servers." msgstr "" "La fonctionnalité de découverte de services permet aux moteurs de trouver " "automatiquement les serveurs appropriés auxquels se connecter à l'aide d'une " "requête DNS spéciale. Cette fonctionnalité n'est pas pris en charge pour sur " "les serveurs secondaires." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:9 include/ldap_id_mapping.xml:99 msgid "Configuration" msgstr "Configuration" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:11 msgid "" "If no servers are specified, the back end automatically uses service " "discovery to try to find a server. Optionally, the user may choose to use " "both fixed server addresses and service discovery by inserting a special " "keyword, <quote>_srv_</quote>, in the list of servers. The order of " "preference is maintained. This feature is useful if, for example, the user " "prefers to use service discovery whenever possible, and fall back to a " "specific server when no servers can be discovered using DNS." msgstr "" "Si aucun serveur n'est spécifié, le moteur utilise automatiquement la " "découverte de services pour tenter de trouver un serveur. L'utilisateur peut " "aussi choisir d'utiliser des adresses de serveur et de découverte de " "services fixes en insérant un mot-clé spécial, <quote>_srv_</quote>, dans la " "liste des serveurs. L'ordre de préférence est maintenu. Cette fonctionnalité " "est utile si, par exemple, l'utilisateur préfère utiliser la découverte de " "services chaque fois que possible et se replier vers un serveur spécifique " "lorsqu'aucun serveur ne peut être découvert à l'aide du DNS." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:23 msgid "The domain name" msgstr "Le nom de domaine" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:25 msgid "" "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for more details." msgstr "" "Se reporter au paramètre <quote>dns_discovery_domain</quote> dans la page de " "manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> pour plus de détails." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:35 msgid "The protocol" msgstr "Le protocole" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:37 msgid "" "The queries usually specify _tcp as the protocol. Exceptions are documented " "in respective option description." msgstr "" "Les requêtes spécifient généralement _tcp comme protocole. Les exceptions " "sont documentées dans les descriptions respectives des options." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:42 msgid "See Also" msgstr "Voir aussi" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:44 msgid "" "For more information on the service discovery mechanism, refer to RFC 2782." msgstr "" "Pour plus d'informations sur le mécanisme de découverte de services, se " "reporter à la RFC 2782." #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" "<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." "io/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) #: include/upstream.xml:1 msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>" #. type: Content of: <refsect1><title> #: include/failover.xml:2 msgid "FAILOVER" msgstr "BASCULE" #. type: Content of: <refsect1><para> #: include/failover.xml:4 msgid "" "The failover feature allows back ends to automatically switch to a different " "server if the current server fails." msgstr "" "La fonctionnalité de bascule autorise le moteur à basculer automatiquement " "sur un serveur différent si le serveur actuel est défaillant." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:8 msgid "Failover Syntax" msgstr "Syntaxe de bascule" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:10 msgid "" "The list of servers is given as a comma-separated list; any number of spaces " "is allowed around the comma. The servers are listed in order of preference. " "The list can contain any number of servers." msgstr "" "La liste des serveurs est donnée sous forme de liste séparée par des " "virgules ; un nombre quelconque d'espaces est autorisé autour de la virgule. " "Les serveurs sont répertoriés par ordre de préférence. La liste peut " "contenir un nombre quelconque de serveurs." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:16 msgid "" "For each failover-enabled config option, two variants exist: " "<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is " "that servers in the primary list are preferred and backup servers are only " "searched if no primary servers can be reached. If a backup server is " "selected, a timeout of 31 seconds is set. After this timeout SSSD will " "periodically try to reconnect to one of the primary servers. If it succeeds, " "it will replace the current active (backup) server." msgstr "" "Pour chaque option de configuration alors que la bascule est activée, il " "existe deux variantes : <emphasis>primary</emphasis> et <emphasis>backup</" "emphasis>. L'idée est que les serveurs dans la liste principale sont " "préférés et les serveurs de secours sont interrogés uniquement si aucun " "serveur primaire ne peut être atteint. Si un serveur de secours est " "sélectionné, un délai d'attente de 31 secondes est défini. Après ce délai " "d'attente, SSSD tentera périodiquement de se reconnecter à un des serveurs " "primaires. S'il réussit, il remplacera l'actuel serveur (de secours) actif." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:27 msgid "The Failover Mechanism" msgstr "Mécanisme de bascule" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:29 msgid "" "The failover mechanism distinguishes between a machine and a service. The " "back end first tries to resolve the hostname of a given machine; if this " "resolution attempt fails, the machine is considered offline. No further " "attempts are made to connect to this machine for any other service. If the " "resolution attempt succeeds, the back end tries to connect to a service on " "this machine. If the service connection attempt fails, then only this " "particular service is considered offline and the back end automatically " "switches over to the next service. The machine is still considered online " "and might still be tried for another service." msgstr "" "Le mécanisme de bascule fait la distinction entre une machine et d'un " "service. Le moteur tente d'abord de résoudre le nom d'hôte d'un ordinateur " "donné ; en cas d'échec de cette tentative de résolution, la machine est " "considérée comme hors ligne. Aucune autre tentative n'est faite pour se " "connecter à cette machine pour tout autre service. Si la tentative de " "résolution réussit, le serveur principal tente de se connecter à un service " "sur cette machine. Si la tentative de connexion de service échoue, alors ce " "seul service est considéré comme hors ligne et le moteur passe " "automatiquement au service suivant. La machine est toujours considérée en " "ligne et peut toujours être considérée pour une tentative d'accès à un autre " "service." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:42 msgid "" "Further connection attempts are made to machines or services marked as " "offline after a specified period of time; this is currently hard coded to 30 " "seconds." msgstr "" "Les tentatives de connexion ultérieures sont faites vers des machines ou des " "services marqués comme hors connexion après un délai spécifié ; ce délai est " "actuellement spécifié en dur à 30 secondes." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:47 msgid "" "If there are no more machines to try, the back end as a whole switches to " "offline mode, and then attempts to reconnect every 30 seconds." msgstr "" "S'il n'y a plus aucune machine à essayer, le moteur dans son ensemble " "bascule dans le mode hors connexion et tente ensuite de se reconnecter " "toutes les 30 secondes." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:53 msgid "Failover time outs and tuning" msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:55 msgid "" "Resolving a server to connect to can be as simple as running a single DNS " "query or can involve several steps, such as finding the correct site or " "trying out multiple host names in case some of the configured servers are " "not reachable. The more complex scenarios can take some time and SSSD needs " "to balance between providing enough time to finish the resolution process " "but on the other hand, not trying for too long before falling back to " "offline mode. If the SSSD debug logs show that the server resolution is " "timing out before a live server is contacted, you can consider changing the " "time outs." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_op_timeout" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 msgid "How long would SSSD talk to a single DNS server." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:86 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_timeout" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:90 msgid "" "How long would SSSD try to resolve a failover service. This service " "resolution internally might include several steps, such as resolving DNS SRV " "queries or locating the site." msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:67 #, fuzzy #| msgid "" #| "All of the common configuration options that apply to SSSD domains also " #| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " #| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " #| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " #| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "This section lists the available tunables. Please refer to their description " "in the <citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, manual page. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" "Toutes les options de configuration communes appliquées aux domaines SSSD " "s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS DE " "DOMAINE</quote> dans la page de manuel <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:100 msgid "" "For LDAP-based providers, the resolve operation is performed as part of an " "LDAP connection operation. Thefore, also the <quote>ldap_opt_timeout></" "quote> timeout should be set to a larger value than " "<quote>dns_resolver_timeout</quote> which in turn should be set to a larger " "value than <quote>dns_resolver_op_timeout</quote>." msgstr "" #. type: Content of: <refsect1><title> #: include/ldap_id_mapping.xml:2 msgid "ID MAPPING" msgstr "CORRESPONDANCE D'IDENTIFIANTS" #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:4 msgid "" "The ID-mapping feature allows SSSD to act as a client of Active Directory " "without requiring administrators to extend user attributes to support POSIX " "attributes for user and group identifiers." msgstr "" "La fonctionnalité de correspondance d'ID permet à SSSD d'agir comme un " "client de Active Directory sans demander aux administrateurs d'étendre les " "attributs utilisateur pour prendre en charge les attributs POSIX pour les " "identifiants d'utilisateur et de groupe." #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:9 msgid "" "NOTE: When ID-mapping is enabled, the uidNumber and gidNumber attributes are " "ignored. This is to avoid the possibility of conflicts between automatically-" "assigned and manually-assigned values. If you need to use manually-assigned " "values, ALL values must be manually-assigned." msgstr "" "Remarque : Lorsque la mise en correspondance des ID est activée, les " "attributs uidNumber et gidNumber sont ignorés. Ceci afin d'éviter les " "risques de conflit entre les valeurs attribuées automatiquement et assignées " "manuellement. Si vous avez besoin d'utiliser des valeurs attribuées " "manuellement, TOUTES les valeurs doivent être assignées manuellement." #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:16 msgid "" "Please note that changing the ID mapping related configuration options will " "cause user and group IDs to change. At the moment, SSSD does not support " "changing IDs, so the SSSD database must be removed. Because cached passwords " "are also stored in the database, removing the database should only be " "performed while the authentication servers are reachable, otherwise users " "might get locked out. In order to cache the password, an authentication must " "be performed. It is not sufficient to use <citerefentry> " "<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry> to remove the database, rather the process consists of:" msgstr "" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:33 msgid "Making sure the remote servers are reachable" msgstr "" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:38 msgid "Stopping the SSSD service" msgstr "Arrêter le service SSSD" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:43 msgid "Removing the database" msgstr "Supprimer la base de donnée" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:48 msgid "Starting the SSSD service" msgstr "Démarrer le service SSSD" #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:52 msgid "" "Moreover, as the change of IDs might necessitate the adjustment of other " "system properties such as file and directory ownership, it's advisable to " "plan ahead and test the ID mapping configuration thoroughly." msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ldap_id_mapping.xml:59 msgid "Mapping Algorithm" msgstr "Algorithme de correspondance" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:61 msgid "" "Active Directory provides an objectSID for every user and group object in " "the directory. This objectSID can be broken up into components that " "represent the Active Directory domain identity and the relative identifier " "(RID) of the user or group object." msgstr "" "Active Directory fournit un objectSID pour chaque objet d'utilisateur et de " "groupe dans l'annuaire. Cet objectSID peut être divisé en composants qui " "représentent l'identité de domaine Active Directory et l'identificateur " "relatif (RID) de l'objet utilisateur ou groupe." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " "into equally-sized component sections - called \"slices\"-. Each slice " "represents the space available to an Active Directory domain." msgstr "" "L'algorithme de mise en correspondance des ID de SSSD tient un éventail " "d'uid disponibles et le divise en sections de même taille, appelées « " "tranches ». Chaque tranche représente l'espace disponible dans un domaine " "Active Directory." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:73 msgid "" "When a user or group entry for a particular domain is encountered for the " "first time, the SSSD allocates one of the available slices for that domain. " "In order to make this slice-assignment repeatable on different client " "machines, we select the slice based on the following algorithm:" msgstr "" "Lorsqu'une entrée d'utilisateur ou de groupe pour un domaine particulier est " "rencontrée pour la première fois, SSSD alloue une des plages disponibles " "pour ce domaine. Afin de rendre cette affectation de plage reproductible sur " "les ordinateurs clients différents, l'algorithme de sélection de plage " "suivant est utilisé :" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:80 msgid "" "The SID string is passed through the murmurhash3 algorithm to convert it to " "a 32-bit hashed value. We then take the modulus of this value with the total " "number of available slices to pick the slice." msgstr "" "La chaîne du SID est passée par l'intermédiaire de l'algorithme murmurhash3 " "pour le convertir en une valeur de hachage de 32 bits. Nous prenons ensuite " "le modulo de cette valeur avec le nombre total des tranches disponibles pour " "prendre la tranche." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:86 msgid "" "NOTE: It is possible to encounter collisions in the hash and subsequent " "modulus. In these situations, we will select the next available slice, but " "it may not be possible to reproduce the same exact set of slices on other " "machines (since the order that they are encountered will determine their " "slice). In this situation, it is recommended to either switch to using " "explicit POSIX attributes in Active Directory (disabling ID-mapping) or " "configure a default domain to guarantee that at least one is always " "consistent. See <quote>Configuration</quote> for details." msgstr "" "Remarque : Il est possible de rencontrer les collisions dans le hachage et " "le modulo en découlant. Dans ces situations, la tranche suivante disponible " "sera sélectionnée, mais il n'est pas possible de reproduire le même jeu " "exact des tranches sur d'autres machines (puisque l'ordre dans lequel elles " "sont rencontrées déterminera leur tranche). Dans ce cas, il est recommandé " "de passer à l'utilisation des attributs POSIX explicites dans Active " "Directory (en désactivant la correspondance d'ID) ou configurer un domaine " "par défaut afin de garantir qu'au moins un est toujours cohérent. Pour plus " "d'informations, voir <quote>Configuration</quote>." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:101 msgid "" "Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):" msgstr "" "Configuration minimale (dans la section <quote>[domain/DOMAINNAME]</" "quote>) :" #. type: Content of: <refsect1><refsect2><para><programlisting> #: include/ldap_id_mapping.xml:106 #, no-wrap msgid "" "ldap_id_mapping = True\n" "ldap_schema = ad\n" msgstr "" "ldap_id_mapping = True\n" "ldap_schema = ad\n" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:111 msgid "" "The default configuration results in configuring 10,000 slices, each capable " "of holding up to 200,000 IDs, starting from 200,000 and going up to " "2,000,200,000. This should be sufficient for most deployments." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><title> #: include/ldap_id_mapping.xml:117 msgid "Advanced Configuration" msgstr "Configuration avancée" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:120 msgid "ldap_idmap_range_min (integer)" msgstr "ldap_idmap_range_min (integer)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:123 msgid "" "Specifies the lower bound of the range of POSIX IDs to use for mapping " "Active Directory user and group SIDs." msgstr "" "Spécifie la limite inférieure de la plage d'ID POSIX à utiliser pour la mise " "en correspondance d'identifiants utilisateurs et groupes Active Directory." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:127 msgid "" "NOTE: This option is different from <quote>min_id</quote> in that " "<quote>min_id</quote> acts to filter the output of requests to this domain, " "whereas this option controls the range of ID assignment. This is a subtle " "distinction, but the good general advice would be to have <quote>min_id</" "quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>" msgstr "" "NOTE : Cette option est différente de <quote>min_id</quote> en ce sens que " "<quote>min_id</quote> agit comme filtre sur le résultat des requêtes vers ce " "domaine, alors que cette option contrôle les plages de correspondance d'ID. " "Il s'agit d'une distinction subtile, mais les bonnes pratiques conseillent " "d'avoir <quote>min_id</quote> inférieur ou égal à " "<quote>ldap_idmap_range_min</quote>" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:137 include/ldap_id_mapping.xml:191 msgid "Default: 200000" msgstr "Par défaut : 200000" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:142 msgid "ldap_idmap_range_max (integer)" msgstr "ldap_idmap_range_max (integer)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:145 msgid "" "Specifies the upper bound of the range of POSIX IDs to use for mapping " "Active Directory user and group SIDs." msgstr "" "Spécifie la limite supérieure de la plage d'ID POSIX à utiliser pour la mise " "en correspondance d'identifiants utilisateurs et groupes Active Directory." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:149 msgid "" "NOTE: This option is different from <quote>max_id</quote> in that " "<quote>max_id</quote> acts to filter the output of requests to this domain, " "whereas this option controls the range of ID assignment. This is a subtle " "distinction, but the good general advice would be to have <quote>max_id</" "quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>" msgstr "" "NOTE : Cette option est différente de <quote>max_id</quote> en ce sens que " "<quote>max_id</quote> agit comme filtre sur le résultat des requêtes vers ce " "domaine, alors que cette option contrôle les plages de correspondance d'ID. " "Il s'agit d'une distinction subtile, mais les bonnes pratiques conseillent " "d'avoir <quote>max_id</quote> supérieur ou égal à " "<quote>ldap_idmap_range_max</quote>" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:159 msgid "Default: 2000200000" msgstr "Par défaut : 2000200000" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:164 msgid "ldap_idmap_range_size (integer)" msgstr "ldap_idmap_range_size (integer)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:167 msgid "" "Specifies the number of IDs available for each slice. If the range size " "does not divide evenly into the min and max values, it will create as many " "complete slices as it can." msgstr "" "Spécifie le nombre d'identifiants pour chaque tranche. Si la taille de la " "plage ne divise pas uniformément dans les valeurs minimale et maximale, des " "tranches complètes seront créées autant que possible." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:173 msgid "" "NOTE: The value of this option must be at least as large as the highest user " "RID planned for use on the Active Directory server. User lookups and login " "will fail for any user whose RID is greater than this value." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:179 msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " "equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:186 msgid "" "It is important to plan ahead for future expansion, as changing this value " "will result in changing all of the ID mappings on the system, leading to " "users with different local IDs than they previously had." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:196 msgid "ldap_idmap_default_domain_sid (string)" msgstr "ldap_idmap_default_domain_sid (chaîne)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:199 msgid "" "Specify the domain SID of the default domain. This will guarantee that this " "domain will always be assigned to slice zero in the ID map, bypassing the " "murmurhash algorithm described above." msgstr "" "Spécifier le SID de domaine du domaine par défaut. Cela garantira que ce " "domaine est toujours affecté à la tranche zéro dans la carte d'ID, sans " "passer par l'algorithme murmurhash décrit ci-dessus." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:210 msgid "ldap_idmap_default_domain (string)" msgstr "ldap_idmap_default_domain (chaîne)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:213 msgid "Specify the name of the default domain." msgstr "Spécifier le nom de domaine par défaut." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:221 msgid "ldap_idmap_autorid_compat (boolean)" msgstr "ldap_idmap_autorid_compat (boolean)" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:224 msgid "" "Changes the behavior of the ID-mapping algorithm to behave more similarly to " "winbind's <quote>idmap_autorid</quote> algorithm." msgstr "" "Modifie le comportement de l'algorithme de mise en correspondance des ID " "afin qu'il se comporte de manière identique à celui <quote>idmap_autorid</" "quote> de winbind." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:229 msgid "" "When this option is configured, domains will be allocated starting with " "slice zero and increasing monatomically with each additional domain." msgstr "" "Lorsque cette option est configurée, les domaines seront alloués en " "commençant par la tranche zéro et augmentant de manière monotone pour chaque " "domaine supplémentaire." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:234 msgid "" "NOTE: This algorithm is non-deterministic (it depends on the order that " "users and groups are requested). If this mode is required for compatibility " "with machines running winbind, it is recommended to also use the " "<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at " "least one domain is consistently allocated to slice zero." msgstr "" "Remarque : Cet algorithme n'est pas déterministe (il dépend de l'ordre dans " "lequel utilisateurs et groupes sont invités). Si ce mode est nécessaire pour " "assurer la compatibilité avec les ordinateurs qui utilisent winbind, il est " "recommandé d'utiliser également l'option " "<quote>ldap_idmap_default_domain_sid</quote> pour garantir qu'au moins un " "domaine est systématiquement alloué à la tranche zéro." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:249 msgid "ldap_idmap_helper_table_size (integer)" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:252 msgid "" "Maximal number of secondary slices that is tried when performing mapping " "from UNIX id to SID." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:256 msgid "" "Note: Additional secondary slices might be generated when SID is being " "mapped to UNIX id and RID part of SID is out of range for secondary slices " "generated so far. If value of ldap_idmap_helper_table_size is equal to 0 " "then no additional secondary slices are generated." msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ldap_id_mapping.xml:273 msgid "Well-Known SIDs" msgstr "SID bien connus" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:275 msgid "" "SSSD supports to look up the names of Well-Known SIDs, i.e. SIDs with a " "special hardcoded meaning. Since the generic users and groups related to " "those Well-Known SIDs have no equivalent in a Linux/UNIX environment no " "POSIX IDs are available for those objects." msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:281 msgid "" "The SID name space is organized in authorities which can be seen as " "different domains. The authorities for the Well-Known SIDs are" msgstr "" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:284 msgid "Null Authority" msgstr "Null Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:285 msgid "World Authority" msgstr "World Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:286 msgid "Local Authority" msgstr "Local Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:287 msgid "Creator Authority" msgstr "Creator Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:288 msgid "NT Authority" msgstr "NT Authority" #. type: Content of: <refsect1><refsect2><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:289 msgid "Built-in" msgstr "Built-in" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:291 msgid "" "The capitalized version of these names are used as domain names when " "returning the fully qualified name of a Well-Known SID." msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:295 msgid "" "Since some utilities allow to modify SID based access control information " "with the help of a name instead of using the SID directly SSSD supports to " "look up the SID by the name as well. To avoid collisions only the fully " "qualified names can be used to look up Well-Known SIDs. As a result the " "domain names <quote>NULL AUTHORITY</quote>, <quote>WORLD AUTHORITY</quote>, " "<quote> LOCAL AUTHORITY</quote>, <quote>CREATOR AUTHORITY</quote>, <quote>NT " "AUTHORITY</quote> and <quote>BUILTIN</quote> should not be used as domain " "names in <filename>sssd.conf</filename>." msgstr "" #. type: Content of: <varlistentry><term> #: include/param_help.xml:3 msgid "<option>-?</option>,<option>--help</option>" msgstr "<option>-?</option>,<option>--help</option>" #. type: Content of: <varlistentry><listitem><para> #: include/param_help.xml:7 include/param_help_py.xml:7 msgid "Display help message and exit." msgstr "Affiche l'aide et quitte." #. type: Content of: <varlistentry><term> #: include/param_help_py.xml:3 msgid "<option>-h</option>,<option>--help</option>" msgstr "<option>-h</option>,<option>--help</option>" #. type: Content of: <listitem><para> #: include/debug_levels.xml:3 include/debug_levels_tools.xml:3 msgid "" "SSSD supports two representations for specifying the debug level. The " "simplest is to specify a decimal value from 0-9, which represents enabling " "that level and all lower-level debug messages. The more comprehensive option " "is to specify a hexadecimal bitmask to enable or disable specific levels " "(such as if you wish to suppress a level)." msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:10 msgid "" "Please note that each SSSD service logs into its own log file. Also please " "note that enabling <quote>debug_level</quote> in the <quote>[sssd]</quote> " "section only enables debugging just for the sssd process itself, not for the " "responder or provider processes. The <quote>debug_level</quote> parameter " "should be added to all sections that you wish to produce debug logs from." msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:18 msgid "" "In addition to changing the log level in the config file using the " "<quote>debug_level</quote> parameter, which is persistent, but requires SSSD " "restart, it is also possible to change the debug level on the fly using the " "<citerefentry> <refentrytitle>sss_debuglevel</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry> tool." msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:29 include/debug_levels_tools.xml:10 msgid "Currently supported debug levels:" msgstr "Niveaux de débogage actuellement pris en charge :" #. type: Content of: <listitem><para> #: include/debug_levels.xml:32 include/debug_levels_tools.xml:13 msgid "" "<emphasis>0</emphasis>, <emphasis>0x0010</emphasis>: Fatal failures. " "Anything that would prevent SSSD from starting up or causes it to cease " "running." msgstr "" "<emphasis>0</emphasis>, <emphasis>0x0010</emphasis> : défaillances fatales. " "Tout ce qui empêcherait SSSD de démarrer ou provoquerait son arrêt." #. type: Content of: <listitem><para> #: include/debug_levels.xml:38 include/debug_levels_tools.xml:19 msgid "" "<emphasis>1</emphasis>, <emphasis>0x0020</emphasis>: Critical failures. An " "error that doesn't kill SSSD, but one that indicates that at least one major " "feature is not going to work properly." msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:45 include/debug_levels_tools.xml:26 msgid "" "<emphasis>2</emphasis>, <emphasis>0x0040</emphasis>: Serious failures. An " "error announcing that a particular request or operation has failed." msgstr "" "<emphasis>2</emphasis>, <emphasis>0x0040</emphasis> : défaillances graves. " "Une erreur qui annonce qu'une requête particulière ou une opération a échoué." #. type: Content of: <listitem><para> #: include/debug_levels.xml:50 include/debug_levels_tools.xml:31 msgid "" "<emphasis>3</emphasis>, <emphasis>0x0080</emphasis>: Minor failures. These " "are the errors that would percolate down to cause the operation failure of 2." msgstr "" "<emphasis>3</emphasis>, <emphasis>0x0080</emphasis> : erreurs mineures. Ce " "sont les erreurs qui seraient susceptibles d'empirer pour provoquer l'erreur " "en 2." #. type: Content of: <listitem><para> #: include/debug_levels.xml:55 include/debug_levels_tools.xml:36 msgid "" "<emphasis>4</emphasis>, <emphasis>0x0100</emphasis>: Configuration settings." msgstr "" "<emphasis>4</emphasis>, <emphasis>0x0100</emphasis> : paramètres de " "configuration." #. type: Content of: <listitem><para> #: include/debug_levels.xml:59 include/debug_levels_tools.xml:40 msgid "<emphasis>5</emphasis>, <emphasis>0x0200</emphasis>: Function data." msgstr "" "<emphasis>5</emphasis>, <emphasis>0x0200</emphasis> : données de " "fonctionnement." #. type: Content of: <listitem><para> #: include/debug_levels.xml:63 include/debug_levels_tools.xml:44 msgid "" "<emphasis>6</emphasis>, <emphasis>0x0400</emphasis>: Trace messages for " "operation functions." msgstr "" "<emphasis>6</emphasis>, <emphasis>0x0400</emphasis> : traçage des fonctions " "opérationnelles." #. type: Content of: <listitem><para> #: include/debug_levels.xml:67 include/debug_levels_tools.xml:48 msgid "" "<emphasis>7</emphasis>, <emphasis>0x1000</emphasis>: Trace messages for " "internal control functions." msgstr "" "<emphasis>7</emphasis>, <emphasis>0x1000</emphasis> : traçage des fonctions " "de contrôles internes." #. type: Content of: <listitem><para> #: include/debug_levels.xml:72 include/debug_levels_tools.xml:53 msgid "" "<emphasis>8</emphasis>, <emphasis>0x2000</emphasis>: Contents of function-" "internal variables that may be interesting." msgstr "" "<emphasis>8</emphasis>, <emphasis>0x2000</emphasis> : contenu des variables " "internes de fonctions pouvent être intéressantes." #. type: Content of: <listitem><para> #: include/debug_levels.xml:77 include/debug_levels_tools.xml:58 msgid "" "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level " "tracing information." msgstr "" "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis> : informations de " "traçage de bas niveau." #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" "<emphasis>Exemple</emphasis> : pour suivre erreurs fatales, critiques, " "graves et les données de fonction, utiliser 0x0270." #. type: Content of: <listitem><para> #: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" "<emphasis>Exemple</emphasis> : pour consigner les erreurs fatales, les " "paramètres de configuration, les données de fonction, les messages de trace " "pour les fonctions de contrôle interne, utiliser 0x1310." #. type: Content of: <listitem><para> #: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" "<emphasis>Note</emphasis> : le format des niveaux de débogage a été " "introduit dans la version 1.7.0." #. type: Content of: <listitem><para> #: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 msgid "<emphasis>Default</emphasis>: 0" msgstr "<emphasis>Par défaut</emphasis> : 0" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" "<emphasis> This is an experimental feature, please use https://pagure.io/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" #. type: Content of: <refsect1><title> #: include/local.xml:2 msgid "THE LOCAL DOMAIN" msgstr "LE DOMAINE LOCAL" #. type: Content of: <refsect1><para> #: include/local.xml:4 msgid "" "In order to function correctly, a domain with <quote>id_provider=local</" "quote> must be created and the SSSD must be running." msgstr "" "Pour fonctionner correctement, un domaine avec <quote>id_provider = local</" "quote> doit être créé et SSSD doit s'exécuter." #. type: Content of: <refsect1><para> #: include/local.xml:9 msgid "" "The administrator might want to use the SSSD local users instead of " "traditional UNIX users in cases where the group nesting (see <citerefentry> " "<refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry>) is needed. The local users are also useful for testing and " "development of the SSSD without having to deploy a full remote server. The " "<command>sss_user*</command> and <command>sss_group*</command> tools use a " "local LDB storage to store users and groups." msgstr "" "L'administrateur peut vouloir utiliser les utilisateurs locaux SSSD au lieu " "des utilisateurs UNIX traditionnels dans les cas où l'imbrication de groupes " "(cf. <citerefentry><refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</" "manvolnum></citerefentry>) est nécessaire. Les utilisateurs locaux sont " "également utiles pour les tests et le développement de SSSD sans avoir à " "déployer un serveur distant complet. Les outils <command>sss_user *</" "command> et <command>sss_group *</command> utilisent alors un stockage local " "de type LDB pour les utilisateurs et les groupes." #. type: Content of: <refsect1><para> #: include/seealso.xml:4 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>, </phrase> <phrase condition=\"with_secrets\"> <citerefentry> " "<refentrytitle>sssd-secrets</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>, </phrase> <citerefentry> <refentrytitle>sssd-session-" "recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, " "<citerefentry> <refentrytitle>sss_cache</refentrytitle><manvolnum>8</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_debuglevel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_obfuscate</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_seed</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <phrase condition=" "\"with_ssh\"> <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>. <citerefentry> " "<refentrytitle>sss_rpcidmapd</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> <phrase condition=\"with_stap\"> <citerefentry> " "<refentrytitle>sssd-systemtap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> </phrase>" msgstr "" #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:3 msgid "" "An optional base DN, search scope and LDAP filter to restrict LDAP searches " "for this attribute type." msgstr "" "Un DN de base facultatif, une étendue de recherche et un filtre LDAP afin de " "restreindre les recherches LDAP pour ce type d'attribut." #. type: Content of: <listitem><para><programlisting> #: include/ldap_search_bases.xml:9 #, no-wrap msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n" msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n" #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:7 msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "syntaxe : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:13 msgid "" "The scope can be one of \"base\", \"onelevel\" or \"subtree\". The scope " "functions as specified in section 4.5.1.2 of http://tools.ietf.org/html/" "rfc4511" msgstr "" "La portée peut être l'une des « base », « onelevel » ou « subtree ». Les " "fonctions de portée sont spécifiées dans la section 4.5.1.2 de http://tools." "ietf.org/html/rfc4511" #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:23 msgid "" "For examples of this syntax, please refer to the <quote>ldap_search_base</" "quote> examples section." msgstr "" "Pour obtenir des exemples de cette syntaxe, reportez-vous à la section " "d'exemples <quote>ldap_search_base</quote>." #. type: Content of: <listitem><para> #: include/ldap_search_bases.xml:31 msgid "" "Please note that specifying scope or filter is not supported for searches " "against an Active Directory Server that might yield a large number of " "results and trigger the Range Retrieval extension in the response." msgstr "" "Noter que la spécification de portée ou de filtre n'est pas prise en charge " "pour les recherches sur un serveur Active Directory qui serait susceptible " "de produire un grand nombre de résultats et de déclencher l'extension Range " "Retrieval dans sa réponse." #. type: Content of: <para> #: include/autofs_restart.xml:2 msgid "" "Please note that the automounter only reads the master map on startup, so if " "any autofs-related changes are made to the sssd.conf, you typically also " "need to restart the automounter daemon after restarting the SSSD." msgstr "" "Veuillez noter que l'automounter ne lit que la carte maîtresse au démarrage. " "Ainsi, si des modifications liées à autofs sont apportées à sssd.conf, vous " "devrez généralement redémarrer le démon automounter après le redémarrage de " "SSSD" #. type: Content of: <varlistentry><term> #: include/override_homedir.xml:2 msgid "override_homedir (string)" msgstr "override_homedir (chaîne)" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:16 msgid "UID number" msgstr "numéro d'UID" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:20 msgid "domain name" msgstr "nom de domaine" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: include/override_homedir.xml:23 msgid "%f" msgstr "%f" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:24 msgid "fully qualified user name (user@domain)" msgstr "nom d'utilisateur pleinement qualifié (utilisateur@domaine)" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: include/override_homedir.xml:27 msgid "%l" msgstr "" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:28 msgid "The first letter of the login name." msgstr "" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:32 msgid "UPN - User Principal Name (name@REALM)" msgstr "" "UPN - Nom de principal d'utilisateur (User principal name, nom@ROYAUME)" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: include/override_homedir.xml:35 msgid "%o" msgstr "%o" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:37 msgid "The original home directory retrieved from the identity provider." msgstr "" "Le répertoire utilisateur original provenant du fournisseur d'identité." #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><term> #: include/override_homedir.xml:42 msgid "%H" msgstr "%H" #. type: Content of: <varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: include/override_homedir.xml:44 msgid "The value of configure option <emphasis>homedir_substring</emphasis>." msgstr "" "La valeur de l'option de configuration <emphasis>homedir_substring</" "emphasis>." #. type: Content of: <varlistentry><listitem><para> #: include/override_homedir.xml:5 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Réécrit le répertoire personnel de l'utilisateur. Il est possible de fournir " "une valeur absolue ou un patron. Dans le cas d'un patron, les séquences " "suivantes sont substituées :<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <varlistentry><listitem><para><programlisting> #: include/override_homedir.xml:61 #, no-wrap msgid "" "override_homedir = /home/%u\n" " " msgstr "" "override_homedir = /home/%u\n" " " #. type: Content of: <varlistentry><listitem><para> #: include/override_homedir.xml:65 msgid "Default: Not set (SSSD will use the value retrieved from LDAP)" msgstr "Par défaut : Indéfini (SSSD utilisera la valeur récupérée de LDAP)" #. type: Content of: <varlistentry><term> #: include/homedir_substring.xml:2 msgid "homedir_substring (string)" msgstr "homedir_substring (chaîne)" #. type: Content of: <varlistentry><listitem><para> #: include/homedir_substring.xml:5 msgid "" "The value of this option will be used in the expansion of the " "<emphasis>override_homedir</emphasis> option if the template contains the " "format string <emphasis>%H</emphasis>. An LDAP directory entry can directly " "contain this template so that this option can be used to expand the home " "directory path for each client machine (or operating system). It can be set " "per-domain or globally in the [nss] section. A value specified in a domain " "section will override one set in the [nss] section." msgstr "" #. type: Content of: <varlistentry><listitem><para> #: include/homedir_substring.xml:15 msgid "Default: /home" msgstr "Par défaut : /home" #. type: Content of: <refsect1><title> #: include/ad_modified_defaults.xml:2 include/ipa_modified_defaults.xml:2 msgid "MODIFIED DEFAULT OPTIONS" msgstr "" #. type: Content of: <refsect1><para> #: include/ad_modified_defaults.xml:4 msgid "" "Certain option defaults do not match their respective backend provider " "defaults, these option names and AD provider-specific defaults are listed " "below:" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:9 include/ipa_modified_defaults.xml:9 msgid "KRB5 Provider" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:13 include/ipa_modified_defaults.xml:13 msgid "krb5_validate = true" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:18 msgid "krb5_use_enterprise_principal = true" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ad_modified_defaults.xml:24 msgid "LDAP Provider" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:28 msgid "ldap_schema = ad" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:33 include/ipa_modified_defaults.xml:38 msgid "ldap_force_upper_case_realm = true" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:38 msgid "ldap_id_mapping = true" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 msgid "ldap_sasl_mech = gssapi" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 msgid "ldap_referrals = false" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:53 msgid "ldap_account_expire_policy = ad" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:58 include/ipa_modified_defaults.xml:58 msgid "ldap_use_tokengroups = true" msgstr "" #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" "Certain option defaults do not match their respective backend provider " "defaults, these option names and IPA provider-specific defaults are listed " "below:" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:18 msgid "krb5_use_fast = try" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:23 msgid "krb5_canonicalize = true" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ipa_modified_defaults.xml:29 msgid "LDAP Provider - General" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:33 msgid "ldap_schema = ipa_v1" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:43 msgid "ldap_sasl_mech = GSSAPI" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:48 msgid "ldap_sasl_minssf = 56" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:53 msgid "ldap_account_expire_policy = ipa" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ipa_modified_defaults.xml:64 msgid "LDAP Provider - User options" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:68 msgid "ldap_user_member_of = memberOf" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:73 msgid "ldap_user_uuid = ipaUniqueID" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:78 msgid "ldap_user_ssh_public_key = ipaSshPubKey" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:83 msgid "ldap_user_auth_type = ipaUserAuthType" msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/ipa_modified_defaults.xml:89 msgid "LDAP Provider - Group options" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:93 msgid "ldap_group_object_class = ipaUserGroup" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:98 msgid "ldap_group_object_class_alt = posixGroup" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:103 msgid "ldap_group_member = member" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:108 msgid "ldap_group_uuid = ipaUniqueID" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:113 msgid "ldap_group_objectsid = ipaNTSecurityIdentifier" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" #~ msgid "" #~ "<command>sss_debuglevel</command> changes debug level of SSSD monitor and " #~ "providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " #~ "running." #~ msgstr "" #~ "<command>sss_debuglevel</command> positionne le niveau de débogage du " #~ "moniteur et des fournisseurs SSSD à <replaceable>NEW_DEBUG_LEVEL</" #~ "replaceable> pendant l'exécution de SSSD." #~ msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" #~ msgstr "<replaceable>NEW_DEBUG_LEVEL</replaceable>"