summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2011-12-09 09:03:22 -0500
committerStephen Gallagher <sgallagh@redhat.com>2011-12-09 09:34:27 -0500
commitc3fa76735af8ba75cc9be51e78ea3e09e5e8dc95 (patch)
tree0fe4e6d40876c87b19919b8508916f69a72d7593
parentb9e58753ff9733ee223c35e4c0b4988c5df4f5d2 (diff)
downloadsssd_unused-c3fa76735af8ba75cc9be51e78ea3e09e5e8dc95.tar.gz
sssd_unused-c3fa76735af8ba75cc9be51e78ea3e09e5e8dc95.tar.xz
sssd_unused-c3fa76735af8ba75cc9be51e78ea3e09e5e8dc95.zip
Translation update
Diffstat
-rw-r--r--po/LINGUAS4
-rw-r--r--po/ar.po14
-rw-r--r--po/as.po14
-rw-r--r--po/bal.po14
-rw-r--r--po/bn.po14
-rw-r--r--po/bn_IN.po14
-rw-r--r--po/ca.po14
-rw-r--r--po/cs.po17
-rw-r--r--po/cs_CZ.po14
-rw-r--r--po/da.po14
-rw-r--r--po/de.po14
-rw-r--r--po/de_CH.po14
-rw-r--r--po/el.po14
-rw-r--r--po/en_GB.po14
-rw-r--r--po/es.po14
-rw-r--r--po/et.po14
-rw-r--r--po/fa.po14
-rw-r--r--po/fa_IR.po14
-rw-r--r--po/fi.po14
-rw-r--r--po/fr.po14
-rw-r--r--po/gu.po14
-rw-r--r--po/he.po14
-rw-r--r--po/hi.po14
-rw-r--r--po/hu.po14
-rw-r--r--po/id.po14
-rw-r--r--po/is.po14
-rw-r--r--po/it.po14
-rw-r--r--po/ja.po14
-rw-r--r--po/ja_JP.po14
-rw-r--r--po/kn.po14
-rw-r--r--po/ko.po14
-rw-r--r--po/lt.po14
-rw-r--r--po/lt_LT.po14
-rw-r--r--po/mai.po14
-rw-r--r--po/ml.po14
-rw-r--r--po/mr.po14
-rw-r--r--po/nb.po14
-rw-r--r--po/nds.po14
-rw-r--r--po/nl.po14
-rw-r--r--po/nn.po14
-rw-r--r--po/or.po14
-rw-r--r--po/pa.po14
-rw-r--r--po/pl.po14
-rw-r--r--po/pt.po14
-rw-r--r--po/pt_BR.po14
-rw-r--r--po/ro.po14
-rw-r--r--po/ru.po14
-rw-r--r--po/sk.po14
-rw-r--r--po/sl.po14
-rw-r--r--po/sq.po14
-rw-r--r--po/sr.po14
-rw-r--r--po/sssd.pot14
-rw-r--r--po/sv.po14
-rw-r--r--po/ta.po17
-rw-r--r--po/ta_IN.po14
-rw-r--r--po/te.po14
-rw-r--r--po/tr.po14
-rw-r--r--po/uk.po14
-rw-r--r--po/ur.po14
-rw-r--r--po/vi.po14
-rw-r--r--po/vi_VN.po14
-rw-r--r--po/zh_CN.po14
-rw-r--r--po/zh_HK.po14
-rw-r--r--po/zh_TW.po14
-rw-r--r--src/man/po/ar.po2
-rw-r--r--src/man/po/as.po2
-rw-r--r--src/man/po/ast.po6017
-rw-r--r--src/man/po/bal.po2
-rw-r--r--src/man/po/bg.po6017
-rw-r--r--src/man/po/bn.po2
-rw-r--r--src/man/po/bn_IN.po2
-rw-r--r--src/man/po/cs_CZ.po2
-rw-r--r--src/man/po/da.po2
-rw-r--r--src/man/po/de_CH.po2
-rw-r--r--src/man/po/el.po2
-rw-r--r--src/man/po/et.po2
-rw-r--r--src/man/po/fa_IR.po2
-rw-r--r--src/man/po/fi.po2
-rw-r--r--src/man/po/gu.po2
-rw-r--r--src/man/po/hi.po2
-rw-r--r--src/man/po/hu.po2
-rw-r--r--src/man/po/is.po2
-rw-r--r--src/man/po/ja_JP.po2
-rw-r--r--src/man/po/kn.po2
-rw-r--r--src/man/po/ko.po2
-rw-r--r--src/man/po/lt.po2
-rw-r--r--src/man/po/lt_LT.po2
-rw-r--r--src/man/po/mai.po2
-rw-r--r--src/man/po/ml.po2
-rw-r--r--src/man/po/mr.po2
-rw-r--r--src/man/po/nds.po2
-rw-r--r--src/man/po/nn.po2
-rw-r--r--src/man/po/or.po2
-rw-r--r--src/man/po/pa.po2
-rw-r--r--src/man/po/ro.po2
-rw-r--r--src/man/po/sl.po2
-rw-r--r--src/man/po/sq.po2
-rw-r--r--src/man/po/sr.po2
-rw-r--r--src/man/po/sssd-docs.pot4
-rw-r--r--src/man/po/sv.po2
-rw-r--r--src/man/po/ta.po5
-rw-r--r--src/man/po/ta_IN.po2
-rw-r--r--src/man/po/te.po2
-rw-r--r--src/man/po/tg.po6017
-rw-r--r--src/man/po/tr.po2
-rw-r--r--src/man/po/ur.po2
-rw-r--r--src/man/po/vi_VN.po2
-rw-r--r--src/man/po/zh_HK.po2
-rw-r--r--src/man/po/zh_TW.po2
109 files changed, 18545 insertions, 487 deletions
diff --git a/po/LINGUAS b/po/LINGUAS
index befc7622..1257ec34 100644
--- a/po/LINGUAS
+++ b/po/LINGUAS
@@ -1,8 +1,11 @@
ar
as
+ast
bal
+bg
bn_IN
bn
+bs
ca
cs_CZ
cs
@@ -52,6 +55,7 @@ sv
ta_IN
ta
te
+tg
tr
uk
ur
diff --git a/po/ar.po b/po/ar.po
index 0fd4fca4..0e9f6406 100644
--- a/po/ar.po
+++ b/po/ar.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Arabic <trans-ar@lists.fedoraproject.org>\n"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/as.po b/po/as.po
index 991f0769..dcd456ad 100644
--- a/po/as.po
+++ b/po/as.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Assamese (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/bal.po b/po/bal.po
index 744de9f4..af3ecd35 100644
--- a/po/bal.po
+++ b/po/bal.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Balochi <trans-bal@lists.fedoraproject.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/bn.po b/po/bn.po
index f65da5db..0f338d48 100644
--- a/po/bn.po
+++ b/po/bn.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Bengali <info@ankur.org.bd>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/bn_IN.po b/po/bn_IN.po
index 43f85adf..1c3e21c9 100644
--- a/po/bn_IN.po
+++ b/po/bn_IN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Bengali (India) <anubad@lists.ankur.org.in>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ca.po b/po/ca.po
index 9129f8ea..b654f147 100644
--- a/po/ca.po
+++ b/po/ca.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Catalan <fedora@llistes.softcatala.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/cs.po b/po/cs.po
index 29dd9e7a..3dd2b992 100644
--- a/po/cs.po
+++ b/po/cs.po
@@ -2,12 +2,13 @@
# Copyright (C) YEAR Red Hat, Inc.
# This file is distributed under the same license as the PACKAGE package.
#
+# Translators:
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
-"PO-Revision-Date: 2011-08-05 11:36+0000\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
+"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Czech (http://www.transifex.net/projects/p/fedora/team/cs/)\n"
"Language: cs\n"
@@ -681,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/cs_CZ.po b/po/cs_CZ.po
index ead3cfb5..161c692d 100644
--- a/po/cs_CZ.po
+++ b/po/cs_CZ.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/da.po b/po/da.po
index fb0814d0..4b06aae0 100644
--- a/po/da.po
+++ b/po/da.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Danish <dansk@dansk-gruppen.dk>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/de.po b/po/de.po
index 3812aa89..da186a48 100644
--- a/po/de.po
+++ b/po/de.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSS\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2009-12-09 11:13+0100\n"
"Last-Translator: Fabian Affolter <fab@fedoraproject.org>\n"
"Language-Team: German <fedora-trans-de@redhat.com>\n"
@@ -701,27 +701,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/de_CH.po b/po/de_CH.po
index 0b099ff4..5536897d 100644
--- a/po/de_CH.po
+++ b/po/de_CH.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/el.po b/po/el.po
index 687ee466..660dcc9d 100644
--- a/po/el.po
+++ b/po/el.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Greek <trans-el@lists.fedoraproject.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/en_GB.po b/po/en_GB.po
index 5a474642..21aa44c7 100644
--- a/po/en_GB.po
+++ b/po/en_GB.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: English (United Kingdom) (http://www.transifex.net/projects/p/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/es.po b/po/es.po
index a6f0111c..4c6b66ee 100644
--- a/po/es.po
+++ b/po/es.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sss_daemon 0.4.0\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-07-20 09:18-0300\n"
"Last-Translator: Héctor Daniel Cabrera <logan@fedoraproject.org>\n"
"Language-Team: Fedora Spanish <trans-es@lists.fedoraproject.org>\n"
@@ -735,27 +735,27 @@ msgstr "Un arhivo abierto de descriptor para los registros de depuración"
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del proveedor de información (obligatorio)"
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr "El zócalo privilegiado posee permisos o pertenencia equivocados."
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr "El zócalo público posee permisos o pertenencia equivocados."
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr "Formato no esperado del mensaje de la credencial del servidor."
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr "SSSD no está siendo ejecutado por el usuario root."
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr "Ha ocurrido un error, pero no se ha podido encontrar una descripción."
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
"Ha ocurrido un error no esperado mientras se buscaba la descripción del error"
diff --git a/po/et.po b/po/et.po
index 4991d900..0e4907c5 100644
--- a/po/et.po
+++ b/po/et.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Estonian (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/fa.po b/po/fa.po
index 1c2e5264..0139fc73 100644
--- a/po/fa.po
+++ b/po/fa.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Persian (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/fa_IR.po b/po/fa_IR.po
index fc5833c0..51376669 100644
--- a/po/fa_IR.po
+++ b/po/fa_IR.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/fi.po b/po/fi.po
index 2889c3ad..b28da2c5 100644
--- a/po/fi.po
+++ b/po/fi.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Finnish (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/fr.po b/po/fr.po
index 6d03858b..07f3560f 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: fr\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2009-11-17 21:05+0100\n"
"Last-Translator: Pablo Martin-Gomez <pablo.martin-gomez@laposte.net>\n"
"Language-Team: Français <fedora-trans-fr@redhat.com>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/gu.po b/po/gu.po
index 3899bc1e..d9012776 100644
--- a/po/gu.po
+++ b/po/gu.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Gujarati <trans-gu@lists.fedoraproject.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/he.po b/po/he.po
index 06b27f5a..7f25f575 100644
--- a/po/he.po
+++ b/po/he.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Hebrew <he-users@lists.fedoraproject.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/hi.po b/po/hi.po
index e3a99126..27e95035 100644
--- a/po/hi.po
+++ b/po/hi.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Hindi <indlinux-hindi@lists.sourceforge.net>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/hu.po b/po/hu.po
index 2e87e7b0..d136bb17 100644
--- a/po/hu.po
+++ b/po/hu.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Hungarian <trans-hu@lists.fedoraproject.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/id.po b/po/id.po
index 5bfc8850..fe05fa72 100644
--- a/po/id.po
+++ b/po/id.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-03-09 10:34+0700\n"
"Last-Translator: Teguh DC <dheche@songolimo.net>\n"
"Language-Team: Fedora Indonesia <trans-id@lists.fedoraproject.org>\n"
@@ -716,27 +716,27 @@ msgstr "Mengatur verbosity dari pencatatan debug"
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/is.po b/po/is.po
index d3384887..08fc463f 100644
--- a/po/is.po
+++ b/po/is.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Icelandic (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/it.po b/po/it.po
index 578ed53d..2fbb6f08 100644
--- a/po/it.po
+++ b/po/it.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: it\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-04-08 16:50+0200\n"
"Last-Translator: Guido Grazioli <guido.grazioli@gmail.com>\n"
"Language-Team: Italian <trans-it@lists.fedoraproject.org>\n"
@@ -727,28 +727,28 @@ msgstr "Un descrittore di file aperto per l'output di debug"
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del provider di informazioni (obbligatorio)"
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "Percorso della cache delle credenziali utente"
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ja.po b/po/ja.po
index 1d4e64d5..37acc454 100644
--- a/po/ja.po
+++ b/po/ja.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2011-05-27 19:57+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Japanese (http://www.transifex.net/projects/p/fedora/team/"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ja_JP.po b/po/ja_JP.po
index f9ee3186..3a083241 100644
--- a/po/ja_JP.po
+++ b/po/ja_JP.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/kn.po b/po/kn.po
index 4300ba3d..6f898e83 100644
--- a/po/kn.po
+++ b/po/kn.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Kannada (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ko.po b/po/ko.po
index 879a2023..f46b6498 100644
--- a/po/ko.po
+++ b/po/ko.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Korean (http://www.transifex.net/projects/p/fedora/team/ko/)\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/lt.po b/po/lt.po
index bbe55f7f..f5f2bda9 100644
--- a/po/lt.po
+++ b/po/lt.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Lithuanian (http://www.transifex.net/projects/p/fedora/team/"
@@ -684,27 +684,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/lt_LT.po b/po/lt_LT.po
index 4944b88b..f7da646b 100644
--- a/po/lt_LT.po
+++ b/po/lt_LT.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/mai.po b/po/mai.po
index 7c2ff50b..a9fe1ee2 100644
--- a/po/mai.po
+++ b/po/mai.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Maithili (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ml.po b/po/ml.po
index 87054964..fed904af 100644
--- a/po/ml.po
+++ b/po/ml.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Malayalam <discuss@lists.smc.org.in>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/mr.po b/po/mr.po
index 8d7af9d5..4ad38548 100644
--- a/po/mr.po
+++ b/po/mr.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Marathi (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/nb.po b/po/nb.po
index 4c7c2e15..49be964a 100644
--- a/po/nb.po
+++ b/po/nb.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/nds.po b/po/nds.po
index aeb8d0f5..877dce89 100644
--- a/po/nds.po
+++ b/po/nds.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Low German <nds-lowgerman@lists.sourceforge.net>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/nl.po b/po/nl.po
index c6648e71..8e9166f6 100644
--- a/po/nl.po
+++ b/po/nl.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd.master.sss_daemon\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2009-11-19 12:19+0100\n"
"Last-Translator: Richard van der Luit <nippur@fedoraproject.org>\n"
"Language-Team: Dutch <nl@li.org>\n"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/nn.po b/po/nn.po
index acf5de58..6791c963 100644
--- a/po/nn.po
+++ b/po/nn.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Norwegian Nynorsk <i18n-nn@lister.ping.uio.no>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/or.po b/po/or.po
index 8a17e601..70c498dc 100644
--- a/po/or.po
+++ b/po/or.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Oriya (http://www.transifex.net/projects/p/fedora/team/or/)\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/pa.po b/po/pa.po
index d207960c..aac30087 100644
--- a/po/pa.po
+++ b/po/pa.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Panjabi (Punjabi) <punjabi-users@lists.sf.net>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/pl.po b/po/pl.po
index 2787990b..a7e56e6c 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -5,7 +5,7 @@ msgid ""
msgstr ""
"Project-Id-Version: pl\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2011-01-23 17:33+0100\n"
"Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n"
"Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n"
@@ -700,27 +700,27 @@ msgstr "Otwiera deskryptor pliku dla dzienników debugowania"
msgid "Domain of the information provider (mandatory)"
msgstr "Domena dostawcy informacji (wymagane)"
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Uprawnione gniazdo posiada błędnego właściciela lub uprawnienia."
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr "Publiczne gniazdo posiada błędnego właściciela lub uprawnienia"
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr "Nieoczekiwany format komunikatu uwierzytelniającego serwera."
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr "SSSD nie zostało uruchomione w trybie roota."
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr "Wystąpił błąd, ale nie odnaleziono jego opisu."
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu"
diff --git a/po/pt.po b/po/pt.po
index f1d90d60..04f28a0d 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd.master.sss_daemon\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-02-23 13:59+0100\n"
"Last-Translator: Rui Gouveia <rui.gouveia@gmail.com>\n"
"Language-Team: fedora-trans-pt@redhat.com\n"
@@ -726,28 +726,28 @@ msgstr "Um descritor de ficheiro aberto para os registos de depuração"
msgid "Domain of the information provider (mandatory)"
msgstr "Domínio do fornecedor de informação (obrigatório)"
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "Localização da cache de credenciais dos utilizadores"
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/pt_BR.po b/po/pt_BR.po
index 20687742..5c2951dc 100644
--- a/po/pt_BR.po
+++ b/po/pt_BR.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Portuguese (Brazilian) <trans-pt_br@lists.fedoraproject.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ro.po b/po/ro.po
index e2443e31..b3c7ebeb 100644
--- a/po/ro.po
+++ b/po/ro.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Romanian (http://www.transifex.net/projects/p/fedora/team/"
@@ -684,27 +684,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ru.po b/po/ru.po
index dd207960..44a3a594 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: ru\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-04-07 21:39+0300\n"
"Last-Translator: Dmitry Drozdov <dmi3652@gmail.com>\n"
"Language-Team: Russian <fedora-trans-ru@redhat.com>\n"
@@ -727,28 +727,28 @@ msgstr "Открытый дескриптор файла для журналов
msgid "Domain of the information provider (mandatory)"
msgstr "Домен поставщика информации (обязательный)"
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "Расположения кэша учётных данных пользователей"
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/sk.po b/po/sk.po
index 184cf5ac..1e0a2ba3 100644
--- a/po/sk.po
+++ b/po/sk.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2011-08-05 11:37+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Slovak (http://www.transifex.net/projects/p/fedora/team/sk/)\n"
@@ -681,27 +681,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/sl.po b/po/sl.po
index a774c91b..e570880d 100644
--- a/po/sl.po
+++ b/po/sl.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/sq.po b/po/sq.po
index b8041f90..bbe4cebf 100644
--- a/po/sq.po
+++ b/po/sq.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Albanian (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/sr.po b/po/sr.po
index ad387569..5b5061e1 100644
--- a/po/sr.po
+++ b/po/sr.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Serbian <trans-sr@lists.fedoraproject.org>\n"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/sssd.pot b/po/sssd.pot
index 6bd3ebe7..43ed82dc 100644
--- a/po/sssd.pot
+++ b/po/sssd.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/sv.po b/po/sv.po
index 19182cdc..f34fdc8e 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sss_server\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2009-12-30 17:58+0100\n"
"Last-Translator: Göran Uddeborg <goeran@uddeborg.se>\n"
"Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
@@ -719,28 +719,28 @@ msgstr "Ange pratsamhet för felsökningsloggning"
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "Plats för användarens kreditiv-cache"
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ta.po b/po/ta.po
index 1ea70d18..52ece158 100644
--- a/po/ta.po
+++ b/po/ta.po
@@ -2,12 +2,13 @@
# Copyright (C) YEAR Red Hat, Inc.
# This file is distributed under the same license as the PACKAGE package.
#
+# Translators:
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
-"PO-Revision-Date: 2011-08-05 11:36+0000\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
+"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Tamil <tamil-users@lists.fedoraproject.org>\n"
"Language: ta\n"
@@ -681,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/ta_IN.po b/po/ta_IN.po
index 7a4d83a8..2d01484e 100644
--- a/po/ta_IN.po
+++ b/po/ta_IN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/te.po b/po/te.po
index 023730bc..612c8abf 100644
--- a/po/te.po
+++ b/po/te.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Telugu (http://www.transifex.net/projects/p/fedora/team/te/)\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/tr.po b/po/tr.po
index 6dff80ad..f09b177b 100644
--- a/po/tr.po
+++ b/po/tr.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Turkish (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/uk.po b/po/uk.po
index 69ec0dfb..e87755e5 100644
--- a/po/uk.po
+++ b/po/uk.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2011-01-23 10:08+0200\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <translation@linux.org.ua>\n"
@@ -707,27 +707,27 @@ msgstr "Дескриптор відкритого файла для запису
msgid "Domain of the information provider (mandatory)"
msgstr "Домен надання відомостей (обов’язковий)"
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr "У привілейованого сокета помилковий власник або права доступу."
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr "У відкритого сокета помилковий власник або права доступу."
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr "Некоректний формат повідомлення щодо реєстраційних даних сервера."
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr "SSSD запущено не від імені користувача root."
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr "Сталася помилка, але не вдалося знайти її опису."
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr "Неочікувана помилка під час пошуку опису помилки"
diff --git a/po/ur.po b/po/ur.po
index ff3f1bb4..25e379b1 100644
--- a/po/ur.po
+++ b/po/ur.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Urdu <trans-urdu@lists.fedoraproject.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/vi.po b/po/vi.po
index 3caace27..fb487df6 100644
--- a/po/vi.po
+++ b/po/vi.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Vietnamese (http://www.transifex.net/projects/p/fedora/team/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/vi_VN.po b/po/vi_VN.po
index 9e6b969f..c38df95f 100644
--- a/po/vi_VN.po
+++ b/po/vi_VN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/zh_CN.po b/po/zh_CN.po
index 930cbb77..c66c9568 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Chinese (China) (http://www.transifex.net/projects/p/fedora/"
@@ -683,27 +683,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/zh_HK.po b/po/zh_HK.po
index 0f76e01c..71bb0ac7 100644
--- a/po/zh_HK.po
+++ b/po/zh_HK.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-11-30 04:10+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Chinese (Hong Kong) <chinese@lists.fedoraproject.org>\n"
@@ -682,27 +682,27 @@ msgstr ""
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/po/zh_TW.po b/po/zh_TW.po
index 7fbac63e..81e04698 100644
--- a/po/zh_TW.po
+++ b/po/zh_TW.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sss_daemon 1.1.0\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2011-10-18 13:36-0400\n"
+"POT-Creation-Date: 2011-12-09 09:03-0500\n"
"PO-Revision-Date: 2010-03-22 22:00+0800\n"
"Last-Translator: Cheng-Chia Tseng <pswo10680@gmail.com>\n"
"Language-Team: Fedora-trans-zh_tw <trans-zh_tw@lists.fedoraproject.org>\n"
@@ -729,28 +729,28 @@ msgstr "供除錯日誌使用的開啟檔案描述符"
msgid "Domain of the information provider (mandatory)"
msgstr "資訊提供者的網域(委任)"
-#: src/sss_client/common.c:808
+#: src/sss_client/common.c:822
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:811
+#: src/sss_client/common.c:825
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:814
+#: src/sss_client/common.c:828
#, fuzzy
msgid "Unexpected format of the server credential message."
msgstr "使用者憑證快取的位置"
-#: src/sss_client/common.c:817
+#: src/sss_client/common.c:831
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:822
+#: src/sss_client/common.c:836
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:828
+#: src/sss_client/common.c:842
msgid "Unexpected error while looking for an error description"
msgstr ""
diff --git a/src/man/po/ar.po b/src/man/po/ar.po
index a27699ad..ce5bf241 100644
--- a/src/man/po/ar.po
+++ b/src/man/po/ar.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Arabic <trans-ar@lists.fedoraproject.org>\n"
diff --git a/src/man/po/as.po b/src/man/po/as.po
index 093862f2..9c6d866a 100644
--- a/src/man/po/as.po
+++ b/src/man/po/as.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Assamese (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/ast.po b/src/man/po/ast.po
new file mode 100644
index 00000000..81397d57
--- /dev/null
+++ b/src/man/po/ast.po
@@ -0,0 +1,6017 @@
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Red Hat
+# This file is distributed under the same license as the sssd-docs package.
+#
+# Translators:
+msgid ""
+msgstr ""
+"Project-Id-Version: SSSD\n"
+"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
+"POT-Creation-Date: 2011-11-02 16:02-0300\n"
+"PO-Revision-Date: 2010-12-23 15:35+0000\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: Asturian (http://www.transifex.net/projects/p/fedora/team/ast/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: ast\n"
+"Plural-Forms: nplurals=2; plural=(n != 1)\n"
+
+#. type: Content of: <reference><title>
+#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
+#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5
+#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5
+#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5
+#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5
+msgid "SSSD Manual pages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
+msgid "sss_groupmod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11
+#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11
+#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11
+#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11
+msgid "8"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupmod.8.xml:16
+msgid "modify a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupmod.8.xml:21
+msgid ""
+"<command>sss_groupmod</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44
+#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21
+#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30
+#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30
+#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30
+msgid "DESCRIPTION"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:32
+msgid ""
+"<command>sss_groupmod</command> modifies the group to reflect the changes "
+"that are specified on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
+#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39
+#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39
+msgid "OPTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77
+msgid ""
+"<option>-a</option>,<option>--append-group</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:48
+msgid ""
+"Append this group to groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter. The "
+"<replaceable>GROUPS</replaceable> parameter is a comma separated list of "
+"group names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91
+msgid ""
+"<option>-r</option>,<option>--remove-group</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:62
+msgid ""
+"Remove this group from groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1132 sssd-ldap.5.xml:1640
+#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143
+#: sssd-ipa.5.xml:265 sssd.8.xml:181 sss_obfuscate.8.xml:103
+#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58
+#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58
+#: sss_usermod.8.xml:138
+msgid "SEE ALSO"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:74
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.conf.5.xml:10 sssd.conf.5.xml:16
+msgid "sssd.conf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
+#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11
+msgid "5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
+#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
+#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12
+msgid "File Formats and Conventions"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
+#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17
+msgid "the configuration file for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:21
+msgid "FILE FORMAT"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:29
+#, no-wrap
+msgid ""
+" <replaceable>[section]</replaceable>\n"
+" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
+" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:24
+msgid ""
+"The file has an ini-style syntax and consists of sections and parameters. A "
+"section begins with the name of the section in square brackets and continues"
+" until the next section begins. An example of section with single and multi-"
+"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:36
+msgid ""
+"The data types used are string (no quotes needed), integer and bool (with "
+"values of <quote>TRUE/FALSE</quote>)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:41
+msgid ""
+"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
+"(<quote>;</quote>)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:46
+msgid ""
+"All sections can have an optional <replaceable>description</replaceable> "
+"parameter. Its function is only as a label for the section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:52
+msgid ""
+"<filename>sssd.conf</filename> must be a regular file, owned by root and "
+"only root may read from or write to the file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:58
+msgid "SPECIAL SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:61
+msgid "The [sssd] section"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><title>
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:978
+msgid "Section parameters"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:72
+msgid "config_file_version (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:75
+msgid ""
+"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
+"version 2."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:81
+msgid "services"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:84
+msgid ""
+"Comma separated list of services that are started when sssd itself starts."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:88
+msgid "Supported services: nss, pam"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:93 sssd.conf.5.xml:256
+msgid "reconnection_retries (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:96 sssd.conf.5.xml:259
+msgid ""
+"Number of times services should attempt to reconnect in the event of a Data "
+"Provider crash or restart before they give up"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:264
+msgid "Default: 3"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:106
+msgid "domains"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:109
+msgid ""
+"A domain is a database containing user information. SSSD can use more "
+"domains at the same time, but at least one must be configured or SSSD won't "
+"start. This parameter described the list of domains in the order you want "
+"them to be queried."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:119
+msgid "re_expression (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:122
+msgid ""
+"Regular expression that describes how to parse the string containing user "
+"name and domain into these components."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:126
+msgid ""
+"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
+"which translates to \"the name is everything up to the <quote>@</quote> "
+"sign, the domain everything after that\""
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:131
+msgid ""
+"PLEASE NOTE: the support for non-unique named subpatterns is not available "
+"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
+"version 7 or higher can support non-unique named subpatterns."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:138
+msgid ""
+"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax "
+"(?P&lt;name&gt;) to label subpatterns."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:145
+msgid "full_name_format (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:148
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> "
+"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
+"how to translate a (name, domain) tuple into a fully qualified name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:156
+msgid "Default: <quote>%1$s@%2$s</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161
+msgid "try_inotify (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164
+msgid ""
+"SSSD monitors the state of resolv.conf to identify when it needs to update "
+"its internal DNS resolver. By default, we will attempt to use inotify for "
+"this, and will fall back to polling resolv.conf every five seconds if "
+"inotify cannot be used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:172
+msgid ""
+"There are some limited situations where it is preferred that we should skip "
+"even trying to use inotify. In these rare cases, this option should be set "
+"to 'false'"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:178
+msgid ""
+"Default: true on platforms where inotify is supported. False on other "
+"platforms."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:182
+msgid ""
+"Note: this option will have no effect on platforms where inotify is "
+"unavailable. On these platforms, polling will always be used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:189
+msgid "krb5_rcache_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:192
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:196
+msgid ""
+"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
+"SSSD to let libkrb5 decide the appropriate location for the replay cache."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:202
+msgid ""
+"Default: Distribution-specific and specified at build-time. "
+"(__LIBKRB5_DEFAULTS__ if not configured)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:63
+msgid ""
+"Individual pieces of SSSD functionality are provided by special SSSD "
+"services that are started and stopped together with SSSD. The services are "
+"managed by a special service frequently called <quote>monitor</quote>. The "
+"<quote>[sssd]</quote> section is used to configure the monitor as well as "
+"some other important options like the identity domains. <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:215
+msgid "SERVICES SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:217
+msgid ""
+"Settings that can be used to configure different services are described in "
+"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
+"section, for example, for NSS service, the section would be "
+"<quote>[nss]</quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:224
+msgid "General service configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:226
+msgid "These options can be used to configure any service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:230
+msgid "debug_level (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:234
+msgid "debug_timestamps (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:237
+msgid "Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:375 sssd-ldap.5.xml:1178
+#: sssd-ldap.5.xml:1298 sssd-ipa.5.xml:155 sssd-ipa.5.xml:190
+msgid "Default: true"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:245
+msgid "debug_microseconds (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:248
+msgid "Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:251 sssd-ldap.5.xml:592 sssd-ldap.5.xml:1110
+#: sssd-ldap.5.xml:1247 sssd-ipa.5.xml:115 sssd-krb5.5.xml:235
+#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418
+msgid "Default: false"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:269
+msgid "command (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:272
+msgid ""
+"By default, the executable representing this service is called "
+"<command>sssd_${service_name}</command>. This directive allows to change "
+"the executable name for the service. In the vast majority of configurations,"
+" the default values should suffice."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:280
+msgid "Default: <command>sssd_${service_name}</command>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:288
+msgid "NSS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:290
+msgid ""
+"These options can be used to configure the Name Service Switch (NSS) "
+"service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:295
+msgid "enum_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:298
+msgid ""
+"How many seconds should nss_sss cache enumerations (requests for info about "
+"all users)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:302
+msgid "Default: 120"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:307
+msgid "entry_cache_nowait_percentage (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:310
+msgid ""
+"The entry cache can be set to automatically update entries in the background"
+" if they are requested beyond a percentage of the entry_cache_timeout value "
+"for the domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:316
+msgid ""
+"For example, if the domain's entry_cache_timeout is set to 30s and "
+"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
+"after 15 seconds past the last cache update will be returned immediately, "
+"but the SSSD will go and update the cache on its own, so that future "
+"requests will not need to block waiting for a cache update."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:326
+msgid ""
+"Valid values for this option are 0-99 and represent a percentage of the "
+"entry_cache_timeout for each domain. For performance reasons, this "
+"percentage will never reduce the nowait timeout to less than 10 seconds. (0"
+" disables this feature)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:334
+msgid "Default: 50"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:339
+msgid "entry_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:342
+msgid ""
+"Specifies for how many seconds nss_sss should cache negative cache hits "
+"(that is, queries for invalid database entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:348 sssd-krb5.5.xml:223
+msgid "Default: 15"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:353
+msgid "filter_users, filter_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:356
+msgid ""
+"Exclude certain users from being fetched from the sss NSS database. This is "
+"particularly useful for system accounts. This option can also be set per-"
+"domain or include fully-qualified names to filter only users from the "
+"particular domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:363
+msgid "Default: root"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:368
+msgid "filter_users_in_groups (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:371
+msgid ""
+"If you want filtered user still be group members set this option to false."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:380
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:389 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:393 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:394
+msgid "UID number"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:397 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid "domain name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:401
+msgid "%f"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:402
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:405 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:406 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:383
+msgid ""
+"Override the user's home directory. You can either provide an absolute value"
+" or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:412
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:417
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:420
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:423
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:427
+msgid ""
+"2. If the shell is in the allowed_shells list but not in "
+"<quote>/etc/shells</quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:432
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in "
+"<quote>/etc/shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:437
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:440
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:444
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:449
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:452
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:457
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:460
+msgid ""
+"The default shell to use if an allowed shell is not installed on the "
+"machine."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:464
+msgid "Default: /bin/sh"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:471
+msgid "PAM configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:473
+msgid ""
+"These options can be used to configure the Pluggable Authentication Module "
+"(PAM) service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:478
+msgid "offline_credentials_expiration (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:481
+msgid ""
+"If the authentication provider is offline, how long should we allow cached "
+"logins (in days since the last successful online login)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:486 sssd.conf.5.xml:499
+msgid "Default: 0 (No limit)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:492
+msgid "offline_failed_login_attempts (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:495
+msgid ""
+"If the authentication provider is offline, how many failed login attempts "
+"are allowed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:505
+msgid "offline_failed_login_delay (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:508
+msgid ""
+"The time in minutes which has to pass after offline_failed_login_attempts "
+"has been reached before a new login attempt is possible."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:513
+msgid ""
+"If set to 0 the user cannot authenticate offline if "
+"offline_failed_login_attempts has been reached. Only a successful online "
+"authentication can enable enable offline authentication again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:519 sssd.conf.5.xml:572 sssd.conf.5.xml:908
+msgid "Default: 5"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:525
+msgid "pam_verbosity (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:528
+msgid ""
+"Controls what kind of messages are shown to the user during authentication. "
+"The higher the number to more messages are displayed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:533
+msgid "Currently sssd supports the following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:536
+msgid "<emphasis>0</emphasis>: do not show any message"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:539
+msgid "<emphasis>1</emphasis>: show only important messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:543
+msgid "<emphasis>2</emphasis>: show informational messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:546
+msgid "<emphasis>3</emphasis>: show all messages and debug information"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:550 sssd.8.xml:63
+msgid "Default: 1"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:555
+msgid "pam_id_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:558
+msgid ""
+"For any PAM request while SSSD is online, the SSSD will attempt to "
+"immediately update the cached identity information for the user in order to "
+"ensure that authentication takes place with the latest information."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:564
+msgid ""
+"A complete PAM conversation may perform multiple PAM requests, such as "
+"account management and session opening. This option controls (on a per-"
+"client-application basis) how long (in seconds) we can cache the identity "
+"information to avoid excessive round-trips to the identity provider."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:578
+msgid "pam_pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:581
+msgid "Display a warning N days before the password expires."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:584
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:590
+msgid "Default: 7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:599
+msgid "DOMAIN SECTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:606
+msgid "min_id,max_id (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:609
+msgid ""
+"UID and GID limits for the domain. If a domain contains an entry that is "
+"outside these limits, it is ignored."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:614
+msgid ""
+"For users, this affects the primary GID limit. The user will not be returned"
+" to NSS if either the UID or the primary GID is outside the range. For non-"
+"primary group memberships, those that are in range will be reported as "
+"expected."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:621
+msgid "Default: 1 for min_id, 0 (no limit) for max_id"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:627
+msgid "timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:630
+msgid ""
+"Timeout in seconds between heartbeats for this domain. This is used to "
+"ensure that the backend process is alive and capable of answering requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:635 sssd-ldap.5.xml:981
+msgid "Default: 10"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:641
+msgid "enumerate (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:644
+msgid ""
+"Determines if a domain can be enumerated. This parameter can have one of the"
+" following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:648
+msgid "TRUE = Users and groups are enumerated"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:651
+msgid "FALSE = No enumerations for this domain"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:654 sssd.conf.5.xml:706 sssd.conf.5.xml:760
+msgid "Default: FALSE"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:657
+msgid ""
+"Note: Enabling enumeration has a moderate performance impact on SSSD while "
+"enumeration is running. It may take up to several minutes after SSSD startup"
+" to fully complete enumerations. During this time, individual requests for "
+"information will go directly to LDAP, though it may be slow, due to the "
+"heavy enumeration processing."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:667
+msgid ""
+"While the first enumeration is running, requests for the complete user or "
+"group lists may return no results until it completes."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:672
+msgid ""
+"Further, enabling enumeration may increase the time necessary to detect "
+"network disconnection, as longer timeouts are required to ensure that "
+"enumeration lookups are completed successfully. For more information, refer"
+" to the man pages for the specific id_provider in use."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:683
+msgid "entry_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:686
+msgid ""
+"How many seconds should nss_sss consider entries valid before asking the "
+"backend again"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:690
+msgid "Default: 5400"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:695
+msgid "cache_credentials (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:698
+msgid "Determines if user credentials are also cached in the local LDB cache"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:702
+msgid "User credentials are stored in a SHA512 hash, not in plaintext"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:711
+msgid "account_cache_expiration (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:714
+msgid ""
+"Number of days entries are left in cache after last successful login before "
+"being removed during a cleanup of the cache. 0 means keep forever. The "
+"value of this parameter must be greater than or equal to "
+"offline_credentials_expiration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:721
+msgid "Default: 0 (unlimited)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:727
+msgid "id_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:730
+msgid "The Data Provider identity backend to use for this domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:734
+msgid "Supported backends:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:737
+msgid "proxy: Support a legacy NSS provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:740
+msgid "local: SSSD internal local provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:743
+msgid "ldap: LDAP provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:749
+msgid "use_fully_qualified_names (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:752
+msgid ""
+"If set to TRUE, all requests to this domain must use fully qualified names. "
+"For example, if used in LOCAL domain that contains a \"test\" user, "
+"<command>getent passwd test</command> wouldn't find the user while "
+"<command>getent passwd test@LOCAL</command> would."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:765
+msgid "auth_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:768
+msgid ""
+"The authentication provider used for the domain. Supported auth providers "
+"are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:772
+msgid ""
+"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:779
+msgid ""
+"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:786
+msgid ""
+"<quote>proxy</quote> for relaying authentication to some other PAM target."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:789
+msgid "<quote>none</quote> disables authentication explicitly."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:792
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"authentication requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:798
+msgid "access_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:801
+msgid ""
+"The access control provider used for the domain. There are two built-in "
+"access providers (in addition to any included in installed backends) "
+"Internal special providers are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:807
+msgid "<quote>permit</quote> always allow access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:810
+msgid "<quote>deny</quote> always deny access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:813
+msgid ""
+"<quote>simple</quote> access control based on access or deny lists. See "
+"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> for more information on configuring "
+"the simple access module."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:820
+msgid "Default: <quote>permit</quote>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:825
+msgid "chpass_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:828
+msgid ""
+"The provider which should handle change password operations for the domain."
+" Supported change password providers are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:833
+msgid ""
+"<quote>ipa</quote> to change a password stored in an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring"
+" IPA."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:841
+msgid ""
+"<quote>ldap</quote> to change a password stored in a LDAP server. See "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring"
+" LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:857
+msgid ""
+"<quote>proxy</quote> for relaying password changes to some other PAM target."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:861
+msgid "<quote>none</quote> disallows password changes explicitly."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:864
+msgid ""
+"Default: <quote>auth_provider</quote> is used if it is set and can handle "
+"change password requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:871
+msgid "lookup_family_order (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:874
+msgid ""
+"Provides the ability to select preferred address family to use when "
+"performing DNS lookups."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:878
+msgid "Supported values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:881
+msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:884
+msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:887
+msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:890
+msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:893
+msgid "Default: ipv4_first"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:899
+msgid "dns_resolver_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:902
+msgid ""
+"Defines the amount of time (in seconds) to wait for a reply from the DNS "
+"resolver before assuming that it is unreachable. If this timeout is reached,"
+" the domain will continue to operate in offline mode."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:914
+msgid "dns_discovery_domain (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:917
+msgid ""
+"If service discovery is used in the back end, specifies the domain part of "
+"the service discovery DNS query."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:921
+msgid "Default: Use the domain part of machine's hostname"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:927
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:930
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:601
+msgid ""
+"These configuration options can be present in a domain configuration "
+"section, that is, in a section called "
+"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:942
+msgid "proxy_pam_target (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:945
+msgid "The proxy target PAM proxies to."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:948
+msgid ""
+"Default: not set by default, you have to take an existing pam configuration "
+"or create a new one and add the service name here."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:956
+msgid "proxy_lib_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:959
+msgid ""
+"The name of the NSS library to use in proxy domains. The NSS functions "
+"searched for in the library are in the form of _nss_$(libName)_$(function), "
+"for example _nss_files_getpwent."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:938
+msgid ""
+"Options valid for proxy domains. <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:971
+msgid "The local domain section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:973
+msgid ""
+"This section contains settings for domain that stores users and groups in "
+"SSSD native database, that is, a domain that uses "
+"<replaceable>id_provider=local</replaceable>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:980
+msgid "default_shell (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:983
+msgid "The default shell for users created with SSSD userspace tools."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid "Default: <filename>/bin/bash</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:992
+msgid "base_directory (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:995
+msgid ""
+"The tools append the login name to <replaceable>base_directory</replaceable>"
+" and use that as the home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1000
+msgid "Default: <filename>/home</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1005
+msgid "create_homedir (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1008
+msgid ""
+"Indicate if a home directory should be created by default for new users. "
+"Can be overridden on command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1012 sssd.conf.5.xml:1024
+msgid "Default: TRUE"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1017
+msgid "remove_homedir (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1020
+msgid ""
+"Indicate if a home directory should be removed by default for deleted users."
+" Can be overridden on command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1029
+msgid "homedir_umask (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1032
+msgid ""
+"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
+"on a newly created home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1040
+msgid "Default: 077"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1045
+msgid "skel_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1048
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in"
+" the user's home directory, when the home directory is created by "
+"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1058
+msgid "Default: <filename>/etc/skel</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1063
+msgid "mail_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1066
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"default value is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1073
+msgid "Default: <filename>/var/mail</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1078
+msgid "userdel_cmd (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1081
+msgid ""
+"The command that is run after a user is removed. The command us passed the "
+"username of the user being removed as the first and only parameter. The "
+"return code of the command is not taken into account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1087
+msgid "Default: None, no command is run"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:1097 sssd-ldap.5.xml:1608 sssd-simple.5.xml:126
+#: sssd-ipa.5.xml:247 sssd-krb5.5.xml:432
+msgid "EXAMPLE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:1103
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"domains = LDAP\n"
+"services = nss, pam\n"
+"config_file_version = 2\n"
+"\n"
+"[nss]\n"
+"filter_groups = root\n"
+"filter_users = root\n"
+"\n"
+"[pam]\n"
+"\n"
+"[domain/LDAP]\n"
+"id_provider = ldap\n"
+"ldap_uri = ldap://ldap.example.com\n"
+"ldap_search_base = dc=example,dc=com\n"
+"\n"
+"auth_provider = krb5\n"
+"krb5_server = kerberos.example.com\n"
+"krb5_realm = EXAMPLE.COM\n"
+"cache_credentials = true\n"
+"\n"
+"min_id = 10000\n"
+"max_id = 20000\n"
+"enumerate = False\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1099
+msgid ""
+"The following example shows a typical SSSD config. It does not describe "
+"configuration of the domains themselves - refer to documentation on "
+"configuring domains for more details. <placeholder type=\"programlisting\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1134
+msgid ""
+"<citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16
+msgid "sssd-ldap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:23
+msgid ""
+"This manual page describes the configuration of LDAP domains for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax "
+"information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:35
+msgid "You can configure SSSD to use more than one LDAP domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:38
+msgid ""
+"LDAP back end supports id, auth, access and chpass providers. If you want to"
+" authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
+"<command>sssd</command> <emphasis>does not</emphasis> support authentication"
+" over an unencrypted channel. If the LDAP server is used only as an "
+"identity provider, an encrypted channel is not needed. Please refer to "
+"<quote>ldap_access_filter</quote> config option for more information about "
+"using LDAP as an access provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:61
+#: sssd-krb5.5.xml:63
+msgid "CONFIGURATION OPTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:60
+msgid "ldap_uri (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:63
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD"
+" should connect in the order of preference. Refer to the "
+"<quote>FAILOVER</quote> section for more information on failover and server "
+"redundancy. If not specified, service discovery is enabled. For more "
+"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:73
+msgid "ldap[s]://&lt;host&gt;[:port]"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:76
+msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD"
+" should connect in the order of preference to change the password of a user."
+" Refer to the <quote>FAILOVER</quote> section for more information on "
+"failover and server redundancy."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:95
+msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:99
+msgid "Default: empty, i.e. ldap_uri is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:105
+msgid "ldap_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:108
+msgid "The default base DN to use for performing LDAP user operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:112
+msgid ""
+"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
+"syntax:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:116
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:119
+msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:122
+msgid ""
+"The filter must be a valid LDAP search filter as specified by "
+"http://www.ietf.org/rfc/rfc2254.txt"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:126
+msgid "Examples:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:129
+msgid ""
+"ldap_search_base = dc=example,dc=com (which is equivalent to) "
+"ldap_search_base = dc=example,dc=com?subtree?"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:134
+msgid ""
+"ldap_search_base = "
+"cn=host_specific,dc=example,dc=com?subtree?(host=thishost)?dc=example.com?subtree?"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:137
+msgid ""
+"Note: It is unsupported to have multiple search bases which reference "
+"identically-named objects (for example, groups with the same name in two "
+"different search bases). This will lead to unpredictable behavior on client "
+"machines."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:144
+msgid ""
+"Default: If not set, the value of the defaultNamingContext or namingContexts"
+" attribute from the RootDSE of the LDAP server is used. If "
+"defaultNamingContext does not exists or has an empty value namingContexts is"
+" used. The namingContexts attribute must have a single value with the DN of"
+" the search base of the LDAP server to make this work. Multiple values are "
+"are not supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:158
+msgid "ldap_schema (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:161
+msgid ""
+"Specifies the Schema Type in use on the target LDAP server. Depending on "
+"the selected schema, the default attribute names retrieved from the servers "
+"may vary. The way that some attributes are handled may also differ. Three "
+"schema types are currently supported: rfc2307 rfc2307bis IPA The main "
+"difference between these schema types is how group memberships are recorded "
+"in the server. With rfc2307, group members are listed by name in the "
+"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group "
+"members are listed by DN and stored in the <emphasis>member</emphasis> "
+"attribute."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+msgid "Default: rfc2307"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:186
+msgid "ldap_default_bind_dn (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:189
+msgid "The default bind DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:196
+msgid "ldap_default_authtok_type (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:199
+msgid "The type of the authentication token of the default bind DN."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:203
+msgid "The two mechanisms currently supported are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:206
+msgid "password"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:209
+msgid "obfuscated_password"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:212
+msgid "Default: password"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:218
+msgid "ldap_default_authtok (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:221
+msgid ""
+"The authentication token of the default bind DN. Only clear text passwords "
+"are currently supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:228
+msgid "ldap_user_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:231
+msgid "The object class of a user entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:234
+msgid "Default: posixAccount"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:240
+msgid "ldap_user_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:243
+msgid "The LDAP attribute that corresponds to the user's login name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:247
+msgid "Default: uid"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:253
+msgid "ldap_user_uid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:256
+msgid "The LDAP attribute that corresponds to the user's id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:260
+msgid "Default: uidNumber"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:266
+msgid "ldap_user_gid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:269
+msgid "The LDAP attribute that corresponds to the user's primary group id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:730
+msgid "Default: gidNumber"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:279
+msgid "ldap_user_gecos (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:282
+msgid "The LDAP attribute that corresponds to the user's gecos field."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:286
+msgid "Default: gecos"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:292
+msgid "ldap_user_home_directory (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:295
+msgid ""
+"The LDAP attribute that contains the name of the user's home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:299
+msgid "Default: homeDirectory"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:305
+msgid "ldap_user_shell (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:308
+msgid "The LDAP attribute that contains the path to the user's default shell."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:312
+msgid "Default: loginShell"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:318
+msgid "ldap_user_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:321
+msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:756 sssd-ldap.5.xml:849
+msgid "Default: nsUniqueId"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:331
+msgid "ldap_user_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:765 sssd-ldap.5.xml:858
+msgid ""
+"The LDAP attribute that contains timestamp of the last modification of the "
+"parent object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:769 sssd-ldap.5.xml:862
+msgid "Default: modifyTimestamp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:344
+msgid "ldap_user_shadow_last_change (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:347
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (date of the last password change)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:357
+msgid "Default: shadowLastChange"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:363
+msgid "ldap_user_shadow_min (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:366
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (minimum password age)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:375
+msgid "Default: shadowMin"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:381
+msgid "ldap_user_shadow_max (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:384
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (maximum password age)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:393
+msgid "Default: shadowMax"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:399
+msgid "ldap_user_shadow_warning (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:402
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (password warning period)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:412
+msgid "Default: shadowWarning"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:418
+msgid "ldap_user_shadow_inactive (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:421
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (password inactivity period)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:431
+msgid "Default: shadowInactive"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:437
+msgid "ldap_user_shadow_expire (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:440
+msgid ""
+"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this"
+" parameter contains the name of an LDAP attribute corresponding to its "
+"<citerefentry> <refentrytitle>shadow</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> counterpart (account expiration "
+"date)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:450
+msgid "Default: shadowExpire"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:456
+msgid "ldap_user_krb_last_pwd_change (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:459
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of"
+" an LDAP attribute storing the date and time of last password change in "
+"kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:465
+msgid "Default: krbLastPwdChange"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:471
+msgid "ldap_user_krb_password_expiration (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:474
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of"
+" an LDAP attribute storing the date and time when current password expires."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:480
+msgid "Default: krbPasswordExpiration"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:486
+msgid "ldap_user_ad_account_expires (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:489
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the expiration time of the account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:494
+msgid "Default: accountExpires"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:500
+msgid "ldap_user_ad_user_account_control (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the user account control bit field."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:508
+msgid "Default: userAccountControl"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:514
+msgid "ldap_ns_account_lock (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:517
+msgid ""
+"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
+"determines if access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:522
+msgid "Default: nsAccountLock"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:528
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:541
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:544
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:555
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:558
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:563
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:569
+msgid "ldap_user_principal (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:572
+msgid ""
+"The LDAP attribute that contains the user's Kerberos User Principal Name "
+"(UPN)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:576
+msgid "Default: krbPrincipalName"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:582
+msgid "ldap_force_upper_case_realm (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:585
+msgid ""
+"Some directory servers, for example Active Directory, might deliver the "
+"realm part of the UPN in lower case, which might cause the authentication to"
+" fail. Set this option to a non-zero value if you want to use an upper-case "
+"realm."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:598
+msgid "ldap_enumeration_refresh_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:601
+msgid ""
+"The LDAP attribute that contains how many seconds SSSD has to wait before "
+"refreshing its cache of enumerated records."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:606
+msgid "Default: 300"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:612
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:615
+msgid ""
+"Determine how often to check the cache for inactive entries (such as groups "
+"with no members and users who have never logged in) and remove them to save "
+"space."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:621
+msgid "Setting this option to zero will disable the cache cleanup operation."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:625
+msgid "Default: 10800 (12 hours)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:631
+msgid "ldap_user_fullname (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:634
+msgid "The LDAP attribute that corresponds to the user's full name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:638 sssd-ldap.5.xml:717 sssd-ldap.5.xml:810
+msgid "Default: cn"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:644
+msgid "ldap_user_member_of (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:647
+msgid "The LDAP attribute that lists the user's group memberships."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:651
+msgid "Default: memberOf"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:657
+msgid "ldap_user_authorized_service (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:660
+msgid ""
+"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
+"use the presence of the authorizedService attribute in the user's LDAP entry"
+" to determine access privilege."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:667
+msgid ""
+"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
+"explicit allow (svc) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:672
+msgid "Default: authorizedService"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:678
+msgid "ldap_user_authorized_host (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:681
+msgid ""
+"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
+"presence of the host attribute in the user's LDAP entry to determine access "
+"privilege."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:687
+msgid ""
+"An explicit deny (!host) is resolved first. Second, SSSD searches for "
+"explicit allow (host) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:692
+msgid "Default: host"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:698
+msgid "ldap_group_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:701
+msgid "The object class of a group entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:704
+msgid "Default: posixGroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:710
+msgid "ldap_group_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:713
+msgid "The LDAP attribute that corresponds to the group name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:723
+msgid "ldap_group_gid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:726
+msgid "The LDAP attribute that corresponds to the group's id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:736
+msgid "ldap_group_member (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:739
+msgid "The LDAP attribute that contains the names of the group's members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:743
+msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:749
+msgid "ldap_group_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:752
+msgid ""
+"The LDAP attribute that contains the UUID/GUID of an LDAP group object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:762
+msgid "ldap_group_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:775
+msgid "ldap_group_nesting_level (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:778
+msgid ""
+"If ldap_schema is set to a schema format that supports nested groups (e.g. "
+"RFC2307bis), then this option controls how many levels of nesting SSSD will "
+"follow. This option has no effect on the RFC2307 schema."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:785
+msgid "Default: 2"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:791
+msgid "ldap_netgroup_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:794
+msgid "The object class of a netgroup entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:797
+msgid "Default: nisNetgroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:803
+msgid "ldap_netgroup_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:806
+msgid "The LDAP attribute that corresponds to the netgroup name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:816
+msgid "ldap_netgroup_member (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:819
+msgid "The LDAP attribute that contains the names of the netgroup's members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:823
+msgid "Default: memberNisNetgroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:829
+msgid "ldap_netgroup_triple (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:832
+msgid ""
+"The LDAP attribute that contains the (host, user, domain) netgroup triples."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:836
+msgid "Default: nisNetgroupTriple"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:842
+msgid "ldap_netgroup_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:845
+msgid ""
+"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:855
+msgid "ldap_netgroup_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:868
+msgid "ldap_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:871
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches are allowed to run "
+"before they are cancelled and cached results are returned (and offline mode "
+"is entered)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:877
+msgid ""
+"Note: this option is subject to change in future versions of the SSSD. It "
+"will likely be replaced at some point by a series of timeouts for specific "
+"lookup types."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:883 sssd-ldap.5.xml:925 sssd-ldap.5.xml:940
+msgid "Default: 6"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:889
+msgid "ldap_enumeration_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:892
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches for user and group "
+"enumerations are allowed to run before they are cancelled and cached results"
+" are returned (and offline mode is entered)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:899
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:905
+msgid "ldap_network_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:908
+msgid ""
+"Specifies the timeout (in seconds) after which the <citerefentry> "
+"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> "
+"</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> "
+"<manvolnum>2</manvolnum> </citerefentry> following a <citerefentry> "
+"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> "
+"</citerefentry> returns in case of no activity."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:931
+msgid "ldap_opt_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:934
+msgid ""
+"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
+"will abort if no response is received. Also controls the timeout when "
+"communicating with the KDC in case of SASL bind."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:946
+msgid "ldap_page_size (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:949
+msgid ""
+"Specify the number of records to retrieve from LDAP in a single request. "
+"Some LDAP servers enforce a maximum limit per-request."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:954
+msgid "Default: 1000"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:960
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:963
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing,"
+" they are looked up individually."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:969
+msgid ""
+"You can turn off dereference lookups completely by setting the value to 0."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:973
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:987
+msgid "ldap_tls_reqcert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:990
+msgid ""
+"Specifies what checks to perform on server certificates in a TLS session, if"
+" any. It can be specified as one of the following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:996
+msgid ""
+"<emphasis>never</emphasis> = The client will not request or check any server"
+" certificate."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1000
+msgid ""
+"<emphasis>allow</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate"
+" is provided, it will be ignored and the session proceeds normally."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1007
+msgid ""
+"<emphasis>try</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate"
+" is provided, the session is immediately terminated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1013
+msgid ""
+"<emphasis>demand</emphasis> = The server certificate is requested. If no "
+"certificate is provided, or a bad certificate is provided, the session is "
+"immediately terminated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1019
+msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1023
+msgid "Default: hard"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1029
+msgid "ldap_tls_cacert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1032
+msgid ""
+"Specifies the file that contains certificates for all of the Certificate "
+"Authorities that <command>sssd</command> will recognize."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1037 sssd-ldap.5.xml:1055 sssd-ldap.5.xml:1096
+msgid ""
+"Default: use OpenLDAP defaults, typically in "
+"<filename>/etc/openldap/ldap.conf</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1044
+msgid "ldap_tls_cacertdir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1047
+msgid ""
+"Specifies the path of a directory that contains Certificate Authority "
+"certificates in separate individual files. Typically the file names need to "
+"be the hash of the certificate followed by '.0'. If available, "
+"<command>cacertdir_rehash</command> can be used to create the correct names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1062
+msgid "ldap_tls_cert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1065
+msgid "Specifies the file that contains the certificate for the client's key."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1069 sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1567
+#: sssd-ldap.5.xml:1594 sssd-krb5.5.xml:359
+msgid "Default: not set"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1075
+msgid "ldap_tls_key (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1078
+msgid "Specifies the file that contains the client's key."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1087
+msgid "ldap_tls_cipher_suite (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1090
+msgid ""
+"Specifies acceptable cipher suites. Typically this is a colon sperated "
+"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> for format."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1103
+msgid "ldap_id_use_start_tls (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1106
+msgid ""
+"Specifies that the id_provider connection must also use <systemitem "
+"class=\"protocol\">tls</systemitem> to protect the channel."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1116
+msgid "ldap_sasl_mech (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1119
+msgid ""
+"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
+"supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1123 sssd-ldap.5.xml:1280
+msgid "Default: none"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1129
+msgid "ldap_sasl_authid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1132
+msgid ""
+"Specify the SASL authorization id to use. When GSSAPI is used, this "
+"represents the Kerberos principal used for authentication to the directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1137
+msgid "Default: host/machine.fqdn@REALM"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1143
+msgid "ldap_sasl_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1146
+msgid ""
+"If set to true, the LDAP library would perform a reverse lookup to "
+"canonicalize the host name during a SASL bind."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1151
+msgid "Default: false;"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1157
+msgid "ldap_krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1160
+msgid "Specify the keytab to use when using SASL/GSSAPI."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1163
+msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1169
+msgid "ldap_krb5_init_creds (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1172
+msgid ""
+"Specifies that the id_provider should init Kerberos credentials (TGT). This"
+" action is performed only if SASL is used and the mechanism selected is "
+"GSSAPI."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1184
+msgid "ldap_krb5_ticket_lifetime (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1187
+msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1191
+msgid "Default: 86400 (24 hours)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1197 sssd-krb5.5.xml:74
+msgid "krb5_server (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1200 sssd-krb5.5.xml:77
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled - for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1212 sssd-krb5.5.xml:89
+msgid ""
+"When using service discovery for KDC or kpasswd servers, SSSD first searches"
+" for DNS entries that specify _udp as the protocol and falls back to _tcp if"
+" none are found."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1217 sssd-krb5.5.xml:94
+msgid ""
+"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD."
+" While the legacy name is recognized for the time being, users are advised "
+"to migrate their config files to use <quote>krb5_server</quote> instead."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1226 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+msgid "krb5_realm (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1229
+msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1232
+msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1238 sssd-ipa.5.xml:180 sssd-krb5.5.xml:409
+msgid "krb5_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1241
+msgid ""
+"Specifies if the host pricipal should be canonicalized when connecting to "
+"LDAP server. This feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1253
+msgid "ldap_pwd_policy (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1256
+msgid ""
+"Select the policy to evaluate the password expiration on the client side. "
+"The following values are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1261
+msgid ""
+"<emphasis>none</emphasis> - No evaluation on the client side. This option "
+"cannot disable server-side password policies."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1266
+msgid ""
+"<emphasis>shadow</emphasis> - Use "
+"<citerefentry><refentrytitle>shadow</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> style attributes to evaluate if the "
+"password has expired. Note that the current version of sssd cannot update "
+"this attribute during a password change."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1274
+msgid ""
+"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
+"to determine if the password has expired. Use chpass_provider=krb5 to update"
+" these attributes when the password is changed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1286
+msgid "ldap_referrals (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1289
+msgid "Specifies whether automatic referral chasing should be enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1293
+msgid ""
+"Please note that sssd only supports referral chasing when it is compiled "
+"with OpenLDAP version 2.4.13 or higher."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1304
+msgid "ldap_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1307
+msgid "Specifies the service name to use when service discovery is enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1311
+msgid "Default: ldap"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1317
+msgid "ldap_chpass_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1320
+msgid ""
+"Specifies the service name to use to find an LDAP server which allows "
+"password changes when service discovery is enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1325
+msgid "Default: not set, i.e. service discovery is disabled"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1331
+msgid "ldap_access_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1334
+msgid ""
+"If using access_provider = ldap, this option is mandatory. It specifies an "
+"LDAP search filter criteria that must be met for the user to be granted "
+"access on this host. If access_provider = ldap and this option is not set, "
+"it will result in all users being denied access. Use access_provider = allow"
+" to change this default behavior."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:1570
+msgid "Example:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1347
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
+" "
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1351
+msgid ""
+"This example means that access to this host is restricted to members of the "
+"\"allowedusers\" group in ldap."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1356
+msgid ""
+"Offline caching for this feature is limited to determining whether the "
+"user's last online login was granted access permission. If they were granted"
+" access during their last login, they will continue to be granted access "
+"while offline and vice-versa."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1364 sssd-ldap.5.xml:1414
+msgid "Default: Empty"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1370
+msgid "ldap_account_expire_policy (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1373
+msgid ""
+"With this option a client side evaluation of access control attributes can "
+"be enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1377
+msgid ""
+"Please note that it is always recommended to use server side access control,"
+" i.e. the LDAP server should deny the bind request with a suitable error "
+"code even if the password is correct."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1384
+msgid "The following values are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1387
+msgid ""
+"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
+"determine if the account is expired."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1392
+msgid ""
+"<emphasis>ad</emphasis>: use the value of the 32bit field "
+"ldap_user_ad_user_account_control and allow access if the second bit is not "
+"set. If the attribute is missing access is granted. Also the expiration time"
+" of the account is checked."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1399
+msgid ""
+"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, "
+"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check "
+"if access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1405
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1420
+msgid "ldap_access_order (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1423
+msgid "Comma separated list of access control options. Allowed values are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1427
+msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1430
+msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1434
+msgid ""
+"<emphasis>authorized_service</emphasis>: use the authorizedService attribute"
+" to determine access"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1439
+msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1443
+msgid "Default: filter"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1446
+msgid ""
+"Please note that it is a configuration error if a value is used more than "
+"once."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1453
+msgid "ldap_deref (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1456
+msgid ""
+"Specifies how alias dereferencing is done when performing a search. The "
+"following options are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1461
+msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1465
+msgid ""
+"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
+"the base object, but not in locating the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1470
+msgid ""
+"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
+"the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1475
+msgid ""
+"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
+"in locating the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1480
+msgid ""
+"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
+"client libraries)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:51
+msgid ""
+"All of the common configuration options that apply to SSSD domains also "
+"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section "
+"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for full details. "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:1492
+msgid "ADVANCED OPTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1499
+msgid "ldap_netgroup_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1502
+msgid ""
+"An optional base DN to restrict netgroup searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1506 sssd-ldap.5.xml:1525 sssd-ldap.5.xml:1544
+msgid ""
+"See <quote>ldap_search_base</quote> for information about configuring "
+"multiple search bases."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 sssd-ldap.5.xml:1549
+msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1518
+msgid "ldap_user_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1521
+msgid "An optional base DN to restrict user searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1537
+msgid "ldap_group_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1540
+msgid "An optional base DN to restrict group searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1556
+msgid "ldap_user_search_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1559
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict user searches."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1563
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_user_search_base."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1573
+#, no-wrap
+msgid ""
+" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
+" "
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1576
+msgid ""
+"This filter would restrict user searches to users that have their shell set "
+"to /bin/tcsh."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1583
+msgid "ldap_group_search_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1586
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict group searches."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1590
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_group_search_base."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1494
+msgid ""
+"These options are supported by LDAP domains, but they should be used with "
+"caution. Please include them in your configuration only if you know what you"
+" are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1610
+msgid ""
+"The following example assumes that SSSD is correctly configured and LDAP is "
+"set to one of the domains in the <replaceable>[domains]</replaceable> "
+"section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ldap.5.xml:1616
+#, no-wrap
+msgid ""
+" [domain/LDAP]\n"
+" id_provider = ldap\n"
+" auth_provider = ldap\n"
+" ldap_uri = ldap://ldap.mydomain.org\n"
+" ldap_search_base = dc=mydomain,dc=org\n"
+" ldap_tls_reqcert = demand\n"
+" cache_credentials = true\n"
+" enumerate = true\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1615 sssd-simple.5.xml:134 sssd-ipa.5.xml:255
+#: sssd-krb5.5.xml:441
+msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:1629 sssd_krb5_locator_plugin.8.xml:61
+msgid "NOTES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1631
+msgid ""
+"The descriptions of some of the configuration options in this manual page "
+"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
+"distribution."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1642
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <refentryinfo>
+#: pam_sss.8.xml:8 include/upstream.xml:2
+msgid ""
+"<productname>SSSD</productname> <orgname>The SSSD upstream - "
+"http://fedorahosted.org/sssd</orgname>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: pam_sss.8.xml:13 pam_sss.8.xml:18
+msgid "pam_sss"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: pam_sss.8.xml:19
+msgid "PAM module for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: pam_sss.8.xml:24
+msgid ""
+"<command>pam_sss.so</command> <arg choice='opt'> "
+"<replaceable>quiet</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>forward_pass</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>use_first_pass</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>use_authtok</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>retry=N</replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:45
+msgid ""
+"<command>pam_sss.so</command> is the PAM interface to the System Security "
+"Services daemon (SSSD). Errors and results are logged through "
+"<command>syslog(3)</command> with the LOG_AUTHPRIV facility."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:55
+msgid "<option>quiet</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:58
+msgid "Suppress log messages for unknown users."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:63
+msgid "<option>forward_pass</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:66
+msgid ""
+"If <option>forward_pass</option> is set the entered password is put on the "
+"stack for other PAM modules to use."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:73
+msgid "<option>use_first_pass</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:76
+msgid ""
+"The argument use_first_pass forces the module to use a previous stacked "
+"modules password and will never prompt the user - if no password is "
+"available or the password is not appropriate, the user will be denied "
+"access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:84
+msgid "<option>use_authtok</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:87
+msgid ""
+"When password changing enforce the module to set the new password to the one"
+" provided by a previously stacked password module."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:94
+msgid "<option>retry=N</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:97
+msgid ""
+"If specified the user is asked another N times for a password if "
+"authentication fails. Default is 0."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:99
+msgid ""
+"Please note that this option might not work as expected if the application "
+"calling PAM handles the user dialog on its own. A typical example is "
+"<command>sshd</command> with <option>PasswordAuthentication</option>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:110
+msgid "MODULE TYPES PROVIDED"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:111
+msgid ""
+"All module types (<option>account</option>, <option>auth</option>, "
+"<option>password</option> and <option>session</option>) are provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:117
+msgid "FILES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:118
+msgid ""
+"If a password reset by root fails, because the corresponding SSSD provider "
+"does not support password resets, an individual message can be displayed. "
+"This message can e.g. contain instructions about how to reset a password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:123
+msgid ""
+"The message is read from the file "
+"<filename>pam_sss_pw_reset_message.LOC</filename> where LOC stands for a "
+"locale string returned by <citerefentry> "
+"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> "
+"</citerefentry>. If there is no matching file the content of "
+"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be"
+" the owner of the files and only root may have read and write permissions "
+"while all other users must have only read permissions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:133
+msgid ""
+"These files are searched in the directory "
+"<filename>/etc/sssd/customize/DOMAIN_NAME/</filename>. If no matching file "
+"is present a generic message is displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:141
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
+msgid "sssd_krb5_locator_plugin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:22
+msgid ""
+"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
+"used by the Kerberos provider of <citerefentry> "
+"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry>"
+" to tell the Kerberos libraries what Realm and which KDC to use. Typically "
+"this is done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> which is always read by the "
+"Kerberos libraries. To simplify the configuration the Realm and the KDC can "
+"be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> "
+"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:48
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry> puts the Realm and the name or IP address of the KDC into "
+"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. "
+"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos "
+"libraries it reads and evaluates these variable and returns them to the "
+"libraries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:63
+msgid ""
+"Not all Kerberos implementations support the use of plugins. If "
+"<command>sssd_krb5_locator_plugin</command> is not available on your system "
+"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:69
+msgid ""
+"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
+"debug messages will be sent to stderr."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:77
+msgid ""
+"<citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
+msgid "sssd-simple"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-simple.5.xml:17
+msgid "the configuration file for SSSD's 'simple' access-control provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:24
+msgid ""
+"This manual page describes the configuration of the simple access-control "
+"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, "
+"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:38
+msgid ""
+"The simple access provider grants or denies access based on an access or "
+"deny list of user or group names. The following rules apply:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:43
+msgid "If all lists are empty, access is granted"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:47
+msgid ""
+"If any list is provided, the order of evaluation is allow,deny. This means "
+"that any matching deny rule will supersede any matched allow rule."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:54
+msgid ""
+"If either or both \"allow\" lists are provided, all users are denied unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:60
+msgid ""
+"If only \"deny\" lists are provided, all users are granted access unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:78
+msgid "simple_allow_users (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:81
+msgid "Comma separated list of users who are allowed to log in."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:88
+msgid "simple_deny_users (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:91
+msgid "Comma separated list of users who are explicitly denied access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:97
+msgid "simple_allow_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:100
+msgid ""
+"Comma separated list of groups that are allowed to log in. This applies only"
+" to groups within this SSSD domain. Local groups are not evaluated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:108
+msgid "simple_deny_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:111
+msgid ""
+"Comma separated list of groups that are explicitly denied access. This "
+"applies only to groups within this SSSD domain. Local groups are not "
+"evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:62
+msgid ""
+"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page for details on the configuration of an SSSD "
+"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:120
+msgid ""
+"Please note that it is an configuration error if both, simple_allow_users "
+"and simple_deny_users, are defined."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:128
+msgid ""
+"The following example assumes that SSSD is correctly configured and "
+"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
+"section. This examples shows only the simple access provider-specific "
+"options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-simple.5.xml:135
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" access_provider = simple\n"
+" simple_allow_users = user1, user2\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:145
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16
+msgid "sssd-ipa"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:23
+msgid ""
+"This manual page describes the configuration of the IPA provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:36
+msgid ""
+"The IPA provider is a back end used to connect to an IPA server. (Refer to "
+"the freeipa.org web site for information about IPA servers.) This provider "
+"requires that the machine be joined to the IPA domain; configuration is "
+"almost entirely self-discovered and obtained directly from the server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:43
+msgid ""
+"The IPA provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> identity provider and the <citerefentry> <refentrytitle"
+">sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> "
+"authentication provider. However, it is neither necessary nor recommended "
+"to set these options. IPA provider can also be used as an access and chpass"
+" provider. As an access provider it uses HBAC (host-based access control) "
+"rules. Please refer to freeipa.org for more information about HBAC. No "
+"configuration of access provider is required on the client side."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:69
+msgid "ipa_domain (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:72
+msgid ""
+"Specifies the name of the IPA domain. This is optional. If not provided, "
+"the configuration domain name is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:80
+msgid "ipa_server (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:83
+msgid ""
+"The comma-separated list of IP addresses or hostnames of the IPA servers to "
+"which SSSD should connect in the order of preference. For more information "
+"on failover and server redundancy, see the <quote>FAILOVER</quote> section."
+" This is optional if autodiscovery is enabled. For more information on "
+"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> "
+"section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:96
+msgid "ipa_hostname (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:99
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the IPA domain to identify this host."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:107
+msgid "ipa_dyndns_update (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:110
+msgid ""
+"Optional. This option tells SSSD to automatically update the DNS server "
+"built into FreeIPA v2 with the IP address of this client."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:121
+msgid "ipa_dyndns_iface (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:124
+msgid ""
+"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
+"interface whose IP address should be used for dynamic DNS updates."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:129
+msgid "Default: Use the IP address of the IPA LDAP connection"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:135
+msgid "ipa_hbac_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"Optional. Use the given string as search base for HBAC related objects."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:142
+msgid "Default: Use base DN"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:148 sssd-krb5.5.xml:229
+msgid "krb5_validate (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:151 sssd-krb5.5.xml:232
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:158
+msgid ""
+"Note that this default differs from the traditional Kerberos provider back "
+"end."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:168
+msgid ""
+"The name of the Kerberos realm. This is optional and defaults to the value "
+"of <quote>ipa_domain</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:172
+msgid ""
+"The name of the Kerberos realm has a special meaning in IPA - it is "
+"converted into the base DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:183
+msgid ""
+"Specifies if the host and user pricipal should be canonicalized when "
+"connecting to IPA LDAP and also for AS requests. This feature is available "
+"with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:196
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:199
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server."
+" This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:211
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:214
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users"
+" of FreeIPA will need to migrate their rules to use only the ALLOW rules. "
+"The client will support two modes of operation during this transition "
+"period:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:223
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:228
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:233
+msgid "Default: DENY_ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:249
+msgid ""
+"The following example assumes that SSSD is correctly configured and "
+"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
+"section. This examples shows only the ipa provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ipa.5.xml:256
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" id_provider = ipa\n"
+" ipa_server = ipaserver.example.com\n"
+" ipa_hostname = myhost.example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:267
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.8.xml:10 sssd.8.xml:15
+msgid "sssd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.8.xml:16
+msgid "System Security Services Daemon"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sssd.8.xml:21
+msgid ""
+"<command>sssd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:31
+msgid ""
+"<command>SSSD</command> provides a set of daemons to manage access to remote"
+" directories and authentication mechanisms. It provides an NSS and PAM "
+"interface toward the system and a pluggable backend system to connect to "
+"multiple different account sources as well as D-Bus interface. It is also "
+"the basis to provide client auditing and policy services for projects like "
+"FreeIPA. It provides a more robust database to store local users as well as "
+"extended user data."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:46
+msgid ""
+"<option>-d</option>,<option>--debug-level</option> "
+"<replaceable>LEVEL</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:53
+msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:57
+msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:60
+msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:69
+msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:73
+msgid ""
+"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:76
+msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:79
+msgid "Default: 0"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:85
+msgid "<option>-f</option>,<option>--debug-to-files</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:89
+msgid ""
+"Send the debug output to files instead of stderr. By default, the log files "
+"are stored in <filename>/var/log/sssd</filename> and there are separate log "
+"files for every SSSD service and domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:97
+msgid "<option>-D</option>,<option>--daemon</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:101
+msgid "Become a daemon after starting up."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:107
+msgid "<option>-i</option>,<option>--interactive</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:111
+msgid "Run in the foreground, don't become a daemon."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:117
+msgid "<option>-c</option>,<option>--config</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:121
+msgid ""
+"Specify a non-default config file. The default is "
+"<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file "
+"syntax and options, consult the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.8.xml:137
+msgid "Signals"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:140
+msgid "SIGTERM/SIGINT"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:143
+msgid ""
+"Informs the SSSD to gracefully terminate all of its child processes and then"
+" shut down the monitor."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:149
+msgid "SIGHUP"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:152
+msgid ""
+"Tells the SSSD to stop writing to its current debug file descriptors and to "
+"close and reopen them. This is meant to facilitate log rolling with programs"
+" like logrotate."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:160
+msgid "SIGUSR1"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:163
+msgid ""
+"Tells the SSSD to simulate offline operation for one minute. This is mostly "
+"useful for testing purposes."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:169
+msgid "SIGUSR2"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:172
+msgid ""
+"Tells the SSSD to go online immediately. This is mostly useful for testing "
+"purposes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:183
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
+msgid "sss_obfuscate"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_obfuscate.8.xml:16
+msgid "obfuscate a clear text password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_obfuscate.8.xml:21
+msgid ""
+"<command>sss_obfuscate</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>[PASSWORD]</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:32
+msgid ""
+"<command>sss_obfuscate</command> converts a given password into human-"
+"unreadable format and places it into appropriate domain section of the SSSD "
+"config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:37
+msgid ""
+"The cleartext password is read from standard input or entered interactively."
+" The obfuscated password is put into <quote>ldap_default_authtok</quote> "
+"parameter of a given SSSD domain and the "
+"<quote>ldap_default_authtok_type</quote> parameter is set to "
+"<quote>obfuscated_password</quote>. Refer to <citerefentry> <refentrytitle"
+">sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more"
+" details on these parameters."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:49
+msgid ""
+"Please note that obfuscating the password provides <emphasis>no real "
+"security benefit</emphasis> as it is still possible for an attacker to "
+"reverse-engineer the password back. Using better authentication mechanisms "
+"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
+"advised."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:63
+msgid "<option>-s</option>,<option>--stdin</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:67
+msgid "The password to obfuscate will be read from standard input."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:74
+msgid ""
+"<option>-d</option>,<option>--domain</option> "
+"<replaceable>DOMAIN</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:79
+msgid ""
+"The SSSD domain to use the password in. The default name is "
+"<quote>default</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:86
+msgid ""
+"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:91
+msgid "Read the config file specified by the positional parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:95
+msgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:105
+msgid ""
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_useradd.8.xml:10 sss_useradd.8.xml:15
+msgid "sss_useradd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_useradd.8.xml:16
+msgid "create a new user"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_useradd.8.xml:21
+msgid ""
+"<command>sss_useradd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:32
+msgid ""
+"<command>sss_useradd</command> creates a new user account using the values "
+"specified on the command line plus the default values from the system."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:43
+msgid ""
+"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:48
+msgid ""
+"Set the UID of the user to the value of <replaceable>UID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:55 sss_usermod.8.xml:43
+msgid ""
+"<option>-c</option>,<option>--gecos</option> "
+"<replaceable>COMMENT</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:60 sss_usermod.8.xml:48
+msgid ""
+"Any text string describing the user. Often used as the field for the user's "
+"full name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:67 sss_usermod.8.xml:55
+msgid ""
+"<option>-h</option>,<option>--home</option> "
+"<replaceable>HOME_DIR</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:72
+msgid ""
+"The home directory of the user account. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use "
+"that as the home directory. The base that is prepended before "
+"<replaceable>LOGIN</replaceable> is tunable with "
+"<quote>user_defaults/baseDirectory</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:82 sss_usermod.8.xml:66
+msgid ""
+"<option>-s</option>,<option>--shell</option> "
+"<replaceable>SHELL</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:87
+msgid ""
+"The user's login shell. The default is currently "
+"<filename>/bin/bash</filename>. The default can be changed with "
+"<quote>user_defaults/defaultShell</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:96
+msgid ""
+"<option>-G</option>,<option>--groups</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:101
+msgid "A list of existing groups this user is also a member of."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:107
+msgid "<option>-m</option>,<option>--create-home</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:111
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the -k option or in the config file) will be copied to the home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:121
+msgid "<option>-M</option>,<option>--no-create-home</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:125
+msgid ""
+"Do not create the user's home directory. Overrides configuration settings."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:132
+msgid ""
+"<option>-k</option>,<option>--skel</option> "
+"<replaceable>SKELDIR</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:137
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in"
+" the user's home directory, when the home directory is created by "
+"<command>sss_useradd</command>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:143
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified, or creation of home directories is set "
+"to TRUE in the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:152 sss_usermod.8.xml:124
+msgid ""
+"<option>-Z</option>,<option>--selinux-user</option> "
+"<replaceable>SELINUX_USER</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:157
+msgid ""
+"The SELinux user for the user's login. If not specified, the system default "
+"will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:169
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16
+msgid "sssd-krb5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:23
+msgid ""
+"This manual page describes the configuration of the Kerberos 5 "
+"authentication backend for <citerefentry> "
+"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, please refer to the "
+"<quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:36
+msgid ""
+"The Kerberos 5 authentication backend contains auth and chpass providers. It"
+" must be paired with identity provider in order to function properly (for "
+"example, id_provider = ldap). Some information required by the Kerberos 5 "
+"authentication backend must be provided by the identity provider, such as "
+"the user's Kerberos Principal Name (UPN). The configuration of the identity "
+"provider should have an entry to specify the UPN. Please refer to the man "
+"page for the applicable identity provider for details on how to configure "
+"this."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:47
+msgid ""
+"This backend also provides access control based on the .k5login file in the "
+"home directory of the user. See <citerefentry> "
+"<refentrytitle>.k5login</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry> for more details. Please note that an empty .k5login file "
+"will deny all access to this user. To activate this feature use "
+"'access_provider = krb5' in your sssd configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:55
+msgid ""
+"In the case where the UPN is not available in the identity backend "
+"<command>sssd</command> will construct a UPN using the format "
+"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:106
+msgid ""
+"The name of the Kerberos realm. This option is required and must be "
+"specified."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:113
+msgid "krb5_kpasswd (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:116
+msgid ""
+"If the change password service is not running on the KDC alternative servers"
+" can be defined here. An optional port number (preceded by a colon) may be "
+"appended to the addresses or hostnames."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:122
+msgid ""
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. Please note that even if there are no more"
+" kpasswd servers to try the back end is not switch to offline if "
+"authentication against the KDC is still possible."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:129
+msgid "Default: Use the KDC"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:135
+msgid "krb5_ccachedir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:138
+msgid ""
+"Directory to store credential caches. All the substitution sequences of "
+"krb5_ccname_template can be used here, too, except %d and %P. If the "
+"directory does not exist it will be created. If %u, %U, %p or %h are used a "
+"private directory belonging to the user is created. Otherwise a public "
+"directory with restricted deletion flag (aka sticky bit, see <citerefentry> "
+"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
+"</citerefentry> for details) is created."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:151
+msgid "Default: /tmp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:157
+msgid "krb5_ccname_template (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:171
+msgid "login UID"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:174
+msgid "%p"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:175
+msgid "principal name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:179
+msgid "%r"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:180
+msgid "realm name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:183
+msgid "%h"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:184
+msgid "home directory"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:189
+msgid "value of krb5ccache_dir"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:194
+msgid "%P"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:195
+msgid "the process ID of the sssd client"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:160
+msgid ""
+"Location of the user's credential cache. Currently only file based "
+"credential caches are supported. In the template the following sequences are"
+" substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template "
+"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe "
+"way."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:209
+msgid "Default: FILE:%d/krb5cc_%U_XXXXXX"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:215
+msgid "krb5_auth_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:218
+msgid ""
+"Timeout in seconds after an online authentication or change password request"
+" is aborted. If possible the authentication request is continued offline."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:241
+msgid "krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:244
+msgid ""
+"The location of the keytab to use when validating credentials obtained from "
+"KDCs."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:248
+msgid "Default: /etc/krb5.keytab"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:254
+msgid "krb5_store_password_if_offline (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:257
+msgid ""
+"Store the password of the user if the provider is offline and use it to "
+"request a TGT when the provider gets online again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:262
+msgid ""
+"Please note that this feature currently only available on a Linux platform. "
+"Passwords stored in this way are kept in plaintext in the kernel keyring and"
+" are potentially accessible by the root user (with difficulty)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:275
+msgid "krb5_renewable_lifetime (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:278
+msgid ""
+"Request a renewable ticket with a total lifetime given by an integer "
+"immediately followed by one of the following delimiters:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319
+msgid "<emphasis>s</emphasis> seconds"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322
+msgid "<emphasis>m</emphasis> minutes"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325
+msgid "<emphasis>h</emphasis> hours"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328
+msgid "<emphasis>d</emphasis> days."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331
+msgid "If there is no delimiter <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:299
+msgid ""
+"Please note that it is not possible to mix units. If you want to set the "
+"renewable lifetime to one and a half hours please use '90m' instead of "
+"'1h30m'."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:305
+msgid "Default: not set, i.e. the TGT is not renewable"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:311
+msgid "krb5_lifetime (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:314
+msgid ""
+"Request ticket with a with a lifetime given by an integer immediately "
+"followed by one of the following delimiters:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:335
+msgid ""
+"Please note that it is not possible to mix units. If you want to set the "
+"lifetime to one and a half hours please use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:340
+msgid ""
+"Default: not set, i.e. the default ticket lifetime configured on the KDC."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:347
+msgid "krb5_renew_interval (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:350
+msgid ""
+"The time in seconds between two checks if the TGT should be renewed. TGTs "
+"are renewed if about half of their lifetime is exceeded."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:355
+msgid "If this option is not set or 0 the automatic renewal is disabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:365
+msgid "krb5_use_fast (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:368
+msgid ""
+"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
+"authentication. The following options are supported:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:373
+msgid ""
+"<emphasis>never</emphasis> use FAST, this is equivalent to not set this "
+"option at all."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:377
+msgid ""
+"<emphasis>try</emphasis> to use FAST, if the server does not support fast "
+"continue without."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:381
+msgid ""
+"<emphasis>demand</emphasis> to use FAST, fail if the server does not require"
+" fast."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:385
+msgid "Default: not set, i.e. FAST is not used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:388
+msgid "Please note that a keytab is required to use fast."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:391
+msgid ""
+"Please note also that sssd supports fast only with MIT Kerberos version 1.8 "
+"and above. If sssd used used with an older version using this option is a "
+"configuration error."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:400
+msgid "krb5_fast_principal (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:403
+msgid "Specifies the server principal to use for FAST."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:412
+msgid ""
+"Specifies if the host and user pricipal should be canonicalized. This "
+"feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:65
+msgid ""
+"If the auth-module krb5 is used in a SSSD domain, the following options must"
+" be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN "
+"SECTIONS</quote> for details on the configuration of a SSSD domain. "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:434
+msgid ""
+"The following example assumes that SSSD is correctly configured and FOO is "
+"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
+"example shows only configuration of Kerberos authentication, it does not "
+"include any identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-krb5.5.xml:442
+#, no-wrap
+msgid ""
+" [domain/FOO]\n"
+" auth_provider = krb5\n"
+" krb5_server = 192.168.1.1\n"
+" krb5_realm = EXAMPLE.COM\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:453
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15
+msgid "sss_groupadd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupadd.8.xml:16
+msgid "create a new group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupadd.8.xml:21
+msgid ""
+"<command>sss_groupadd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:32
+msgid ""
+"<command>sss_groupadd</command> creates a new group. These groups are "
+"compatible with POSIX groups, with the additional feature that they can "
+"contain other groups as members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupadd.8.xml:43
+msgid ""
+"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupadd.8.xml:48
+msgid ""
+"Set the GID of the group to the value of <replaceable>GID</replaceable>. If"
+" not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:60
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
+msgid "sss_userdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_userdel.8.xml:16
+msgid "delete a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_userdel.8.xml:21
+msgid ""
+"<command>sss_userdel</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:32
+msgid ""
+"<command>sss_userdel</command> deletes a user identified by login name "
+"<replaceable>LOGIN</replaceable> from the system."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:44
+msgid "<option>-r</option>,<option>--remove</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:48
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:56
+msgid "<option>-R</option>,<option>--no-remove</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:60
+msgid ""
+"Files in the user's home directory will NOT be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:68
+msgid "<option>-f</option>,<option>--force</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:72
+msgid ""
+"This option forces <command>sss_userdel</command> to remove the user's home "
+"directory and mail spool, even if they are not owned by the specified user."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:80
+msgid "<option>-k</option>,<option>--kick</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:84
+msgid "Before actually deleting the user, terminate all his processes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:95
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15
+msgid "sss_groupdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupdel.8.xml:16
+msgid "delete a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupdel.8.xml:21
+msgid ""
+"<command>sss_groupdel</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:32
+msgid ""
+"<command>sss_groupdel</command> deletes a group identified by its name "
+"<replaceable>GROUP</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:48
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
+msgid "sss_groupshow"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupshow.8.xml:16
+msgid "print properties of a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupshow.8.xml:21
+msgid ""
+"<command>sss_groupshow</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:32
+msgid ""
+"<command>sss_groupshow</command> displays information about a group "
+"identified by its name <replaceable>GROUP</replaceable>. The information "
+"includes the group ID number, members of the group and the parent group."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupshow.8.xml:43
+msgid "<option>-R</option>,<option>--recursive</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupshow.8.xml:47
+msgid ""
+"Also print indirect group members in a tree-like hierarchy. Note that this "
+"also affects printing parent groups - without <option>R</option>, only the "
+"direct parent will be printed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:60
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
+msgid "sss_usermod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_usermod.8.xml:16
+msgid "modify a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_usermod.8.xml:21
+msgid ""
+"<command>sss_usermod</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:32
+msgid ""
+"<command>sss_usermod</command> modifies the account specified by "
+"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
+"on the command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:60
+msgid "The home directory of the user account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:71
+msgid "The user's login shell."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:82
+msgid ""
+"Append this user to groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter. The "
+"<replaceable>GROUPS</replaceable> parameter is a comma separated list of "
+"group names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:96
+msgid ""
+"Remove this user from groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:103
+msgid "<option>-l</option>,<option>--lock</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:107
+msgid "Lock the user account. The user won't be able to log in."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:114
+msgid "<option>-u</option>,<option>--unlock</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:118
+msgid "Unlock the user account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:129
+msgid "The SELinux user for the user's login."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:140
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/service_discovery.xml:2
+msgid "SERVICE DISCOVERY"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/service_discovery.xml:4
+msgid ""
+"The service discovery feature allows back ends to automatically find the "
+"appropriate servers to connect to using a special DNS query."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:9
+msgid "Configuration"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:11
+msgid ""
+"If no servers are specified, the back end automatically uses service "
+"discovery to try to find a server. Optionally, the user may choose to use "
+"both fixed server addresses and service discovery by inserting a special "
+"keyword, <quote>_srv_</quote>, in the list of servers. The order of "
+"preference is maintained. This feature is useful if, for example, the user "
+"prefers to use service discovery whenever possible, and fall back to a "
+"specific server when no servers can be discovered using DNS."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:23
+msgid "The domain name"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:25
+msgid ""
+"Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:35
+msgid "The protocol"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:37
+msgid ""
+"The queries usually specify _tcp as the protocol. Exceptions are documented "
+"in respective option description."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:42
+msgid "See Also"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:44
+msgid ""
+"For more information on the service discovery mechanism, refer to RFC 2782."
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/upstream.xml:1
+msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/failover.xml:2
+msgid "FAILOVER"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/failover.xml:4
+msgid ""
+"The failover feature allows back ends to automatically switch to a different"
+" server if the primary server fails."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:8
+msgid "Failover Syntax"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:10
+msgid ""
+"The list of servers is given as a comma-separated list; any number of spaces"
+" is allowed around the comma. The servers are listed in order of preference."
+" The list can contain any number of servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:17
+msgid "The Failover Mechanism"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:19
+msgid ""
+"The failover mechanism distinguishes between a machine and a service. The "
+"back end first tries to resolve the hostname of a given machine; if this "
+"resolution attempt fails, the machine is considered offline. No further "
+"attempts are made to connect to this machine for any other service. If the "
+"resolution attempt succeeds, the back end tries to connect to a service on "
+"this machine. If the service connection attempt fails, then only this "
+"particular service is considered offline and the back end automatically "
+"switches over to the next service. The machine is still considered online "
+"and might still be tried for another service."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:32
+msgid ""
+"Further connection attempts are made to machines or services marked as "
+"offline after a specified period of time; this is currently hard coded to 30"
+" seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:37
+msgid ""
+"If there are no more machines to try, the back end as a whole switches to "
+"offline mode, and then attempts to reconnect every 30 seconds."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help.xml:3
+msgid "<option>-h</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/param_help.xml:7
+msgid "Display help message and exit."
+msgstr ""
+
+
diff --git a/src/man/po/bal.po b/src/man/po/bal.po
index 3e0f3024..60e5fc19 100644
--- a/src/man/po/bal.po
+++ b/src/man/po/bal.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Balochi <trans-bal@lists.fedoraproject.org>\n"
diff --git a/src/man/po/bg.po b/src/man/po/bg.po
new file mode 100644
index 00000000..8c9effb8
--- /dev/null
+++ b/src/man/po/bg.po
@@ -0,0 +1,6017 @@
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Red Hat
+# This file is distributed under the same license as the sssd-docs package.
+#
+# Translators:
+msgid ""
+msgstr ""
+"Project-Id-Version: SSSD\n"
+"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
+"POT-Creation-Date: 2011-11-02 16:02-0300\n"
+"PO-Revision-Date: 2010-12-23 15:35+0000\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: Bulgarian <trans-bg@lists.fedoraproject.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: bg\n"
+"Plural-Forms: nplurals=2; plural=(n != 1)\n"
+
+#. type: Content of: <reference><title>
+#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
+#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5
+#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5
+#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5
+#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5
+msgid "SSSD Manual pages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
+msgid "sss_groupmod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11
+#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11
+#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11
+#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11
+msgid "8"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupmod.8.xml:16
+msgid "modify a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupmod.8.xml:21
+msgid ""
+"<command>sss_groupmod</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44
+#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21
+#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30
+#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30
+#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30
+msgid "DESCRIPTION"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:32
+msgid ""
+"<command>sss_groupmod</command> modifies the group to reflect the changes "
+"that are specified on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
+#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39
+#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39
+msgid "OPTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77
+msgid ""
+"<option>-a</option>,<option>--append-group</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:48
+msgid ""
+"Append this group to groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter. The "
+"<replaceable>GROUPS</replaceable> parameter is a comma separated list of "
+"group names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91
+msgid ""
+"<option>-r</option>,<option>--remove-group</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:62
+msgid ""
+"Remove this group from groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1132 sssd-ldap.5.xml:1640
+#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143
+#: sssd-ipa.5.xml:265 sssd.8.xml:181 sss_obfuscate.8.xml:103
+#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58
+#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58
+#: sss_usermod.8.xml:138
+msgid "SEE ALSO"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:74
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.conf.5.xml:10 sssd.conf.5.xml:16
+msgid "sssd.conf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
+#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11
+msgid "5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
+#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
+#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12
+msgid "File Formats and Conventions"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
+#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17
+msgid "the configuration file for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:21
+msgid "FILE FORMAT"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:29
+#, no-wrap
+msgid ""
+" <replaceable>[section]</replaceable>\n"
+" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
+" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:24
+msgid ""
+"The file has an ini-style syntax and consists of sections and parameters. A "
+"section begins with the name of the section in square brackets and continues"
+" until the next section begins. An example of section with single and multi-"
+"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:36
+msgid ""
+"The data types used are string (no quotes needed), integer and bool (with "
+"values of <quote>TRUE/FALSE</quote>)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:41
+msgid ""
+"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
+"(<quote>;</quote>)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:46
+msgid ""
+"All sections can have an optional <replaceable>description</replaceable> "
+"parameter. Its function is only as a label for the section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:52
+msgid ""
+"<filename>sssd.conf</filename> must be a regular file, owned by root and "
+"only root may read from or write to the file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:58
+msgid "SPECIAL SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:61
+msgid "The [sssd] section"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><title>
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:978
+msgid "Section parameters"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:72
+msgid "config_file_version (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:75
+msgid ""
+"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
+"version 2."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:81
+msgid "services"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:84
+msgid ""
+"Comma separated list of services that are started when sssd itself starts."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:88
+msgid "Supported services: nss, pam"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:93 sssd.conf.5.xml:256
+msgid "reconnection_retries (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:96 sssd.conf.5.xml:259
+msgid ""
+"Number of times services should attempt to reconnect in the event of a Data "
+"Provider crash or restart before they give up"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:264
+msgid "Default: 3"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:106
+msgid "domains"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:109
+msgid ""
+"A domain is a database containing user information. SSSD can use more "
+"domains at the same time, but at least one must be configured or SSSD won't "
+"start. This parameter described the list of domains in the order you want "
+"them to be queried."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:119
+msgid "re_expression (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:122
+msgid ""
+"Regular expression that describes how to parse the string containing user "
+"name and domain into these components."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:126
+msgid ""
+"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
+"which translates to \"the name is everything up to the <quote>@</quote> "
+"sign, the domain everything after that\""
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:131
+msgid ""
+"PLEASE NOTE: the support for non-unique named subpatterns is not available "
+"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
+"version 7 or higher can support non-unique named subpatterns."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:138
+msgid ""
+"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax "
+"(?P&lt;name&gt;) to label subpatterns."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:145
+msgid "full_name_format (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:148
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> "
+"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
+"how to translate a (name, domain) tuple into a fully qualified name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:156
+msgid "Default: <quote>%1$s@%2$s</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161
+msgid "try_inotify (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164
+msgid ""
+"SSSD monitors the state of resolv.conf to identify when it needs to update "
+"its internal DNS resolver. By default, we will attempt to use inotify for "
+"this, and will fall back to polling resolv.conf every five seconds if "
+"inotify cannot be used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:172
+msgid ""
+"There are some limited situations where it is preferred that we should skip "
+"even trying to use inotify. In these rare cases, this option should be set "
+"to 'false'"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:178
+msgid ""
+"Default: true on platforms where inotify is supported. False on other "
+"platforms."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:182
+msgid ""
+"Note: this option will have no effect on platforms where inotify is "
+"unavailable. On these platforms, polling will always be used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:189
+msgid "krb5_rcache_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:192
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:196
+msgid ""
+"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
+"SSSD to let libkrb5 decide the appropriate location for the replay cache."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:202
+msgid ""
+"Default: Distribution-specific and specified at build-time. "
+"(__LIBKRB5_DEFAULTS__ if not configured)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:63
+msgid ""
+"Individual pieces of SSSD functionality are provided by special SSSD "
+"services that are started and stopped together with SSSD. The services are "
+"managed by a special service frequently called <quote>monitor</quote>. The "
+"<quote>[sssd]</quote> section is used to configure the monitor as well as "
+"some other important options like the identity domains. <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:215
+msgid "SERVICES SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:217
+msgid ""
+"Settings that can be used to configure different services are described in "
+"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
+"section, for example, for NSS service, the section would be "
+"<quote>[nss]</quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:224
+msgid "General service configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:226
+msgid "These options can be used to configure any service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:230
+msgid "debug_level (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:234
+msgid "debug_timestamps (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:237
+msgid "Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:375 sssd-ldap.5.xml:1178
+#: sssd-ldap.5.xml:1298 sssd-ipa.5.xml:155 sssd-ipa.5.xml:190
+msgid "Default: true"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:245
+msgid "debug_microseconds (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:248
+msgid "Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:251 sssd-ldap.5.xml:592 sssd-ldap.5.xml:1110
+#: sssd-ldap.5.xml:1247 sssd-ipa.5.xml:115 sssd-krb5.5.xml:235
+#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418
+msgid "Default: false"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:269
+msgid "command (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:272
+msgid ""
+"By default, the executable representing this service is called "
+"<command>sssd_${service_name}</command>. This directive allows to change "
+"the executable name for the service. In the vast majority of configurations,"
+" the default values should suffice."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:280
+msgid "Default: <command>sssd_${service_name}</command>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:288
+msgid "NSS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:290
+msgid ""
+"These options can be used to configure the Name Service Switch (NSS) "
+"service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:295
+msgid "enum_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:298
+msgid ""
+"How many seconds should nss_sss cache enumerations (requests for info about "
+"all users)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:302
+msgid "Default: 120"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:307
+msgid "entry_cache_nowait_percentage (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:310
+msgid ""
+"The entry cache can be set to automatically update entries in the background"
+" if they are requested beyond a percentage of the entry_cache_timeout value "
+"for the domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:316
+msgid ""
+"For example, if the domain's entry_cache_timeout is set to 30s and "
+"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
+"after 15 seconds past the last cache update will be returned immediately, "
+"but the SSSD will go and update the cache on its own, so that future "
+"requests will not need to block waiting for a cache update."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:326
+msgid ""
+"Valid values for this option are 0-99 and represent a percentage of the "
+"entry_cache_timeout for each domain. For performance reasons, this "
+"percentage will never reduce the nowait timeout to less than 10 seconds. (0"
+" disables this feature)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:334
+msgid "Default: 50"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:339
+msgid "entry_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:342
+msgid ""
+"Specifies for how many seconds nss_sss should cache negative cache hits "
+"(that is, queries for invalid database entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:348 sssd-krb5.5.xml:223
+msgid "Default: 15"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:353
+msgid "filter_users, filter_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:356
+msgid ""
+"Exclude certain users from being fetched from the sss NSS database. This is "
+"particularly useful for system accounts. This option can also be set per-"
+"domain or include fully-qualified names to filter only users from the "
+"particular domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:363
+msgid "Default: root"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:368
+msgid "filter_users_in_groups (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:371
+msgid ""
+"If you want filtered user still be group members set this option to false."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:380
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:389 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:393 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:394
+msgid "UID number"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:397 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid "domain name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:401
+msgid "%f"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:402
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:405 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:406 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:383
+msgid ""
+"Override the user's home directory. You can either provide an absolute value"
+" or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:412
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:417
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:420
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:423
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:427
+msgid ""
+"2. If the shell is in the allowed_shells list but not in "
+"<quote>/etc/shells</quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:432
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in "
+"<quote>/etc/shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:437
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:440
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:444
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:449
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:452
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:457
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:460
+msgid ""
+"The default shell to use if an allowed shell is not installed on the "
+"machine."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:464
+msgid "Default: /bin/sh"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:471
+msgid "PAM configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:473
+msgid ""
+"These options can be used to configure the Pluggable Authentication Module "
+"(PAM) service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:478
+msgid "offline_credentials_expiration (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:481
+msgid ""
+"If the authentication provider is offline, how long should we allow cached "
+"logins (in days since the last successful online login)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:486 sssd.conf.5.xml:499
+msgid "Default: 0 (No limit)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:492
+msgid "offline_failed_login_attempts (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:495
+msgid ""
+"If the authentication provider is offline, how many failed login attempts "
+"are allowed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:505
+msgid "offline_failed_login_delay (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:508
+msgid ""
+"The time in minutes which has to pass after offline_failed_login_attempts "
+"has been reached before a new login attempt is possible."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:513
+msgid ""
+"If set to 0 the user cannot authenticate offline if "
+"offline_failed_login_attempts has been reached. Only a successful online "
+"authentication can enable enable offline authentication again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:519 sssd.conf.5.xml:572 sssd.conf.5.xml:908
+msgid "Default: 5"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:525
+msgid "pam_verbosity (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:528
+msgid ""
+"Controls what kind of messages are shown to the user during authentication. "
+"The higher the number to more messages are displayed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:533
+msgid "Currently sssd supports the following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:536
+msgid "<emphasis>0</emphasis>: do not show any message"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:539
+msgid "<emphasis>1</emphasis>: show only important messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:543
+msgid "<emphasis>2</emphasis>: show informational messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:546
+msgid "<emphasis>3</emphasis>: show all messages and debug information"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:550 sssd.8.xml:63
+msgid "Default: 1"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:555
+msgid "pam_id_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:558
+msgid ""
+"For any PAM request while SSSD is online, the SSSD will attempt to "
+"immediately update the cached identity information for the user in order to "
+"ensure that authentication takes place with the latest information."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:564
+msgid ""
+"A complete PAM conversation may perform multiple PAM requests, such as "
+"account management and session opening. This option controls (on a per-"
+"client-application basis) how long (in seconds) we can cache the identity "
+"information to avoid excessive round-trips to the identity provider."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:578
+msgid "pam_pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:581
+msgid "Display a warning N days before the password expires."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:584
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:590
+msgid "Default: 7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:599
+msgid "DOMAIN SECTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:606
+msgid "min_id,max_id (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:609
+msgid ""
+"UID and GID limits for the domain. If a domain contains an entry that is "
+"outside these limits, it is ignored."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:614
+msgid ""
+"For users, this affects the primary GID limit. The user will not be returned"
+" to NSS if either the UID or the primary GID is outside the range. For non-"
+"primary group memberships, those that are in range will be reported as "
+"expected."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:621
+msgid "Default: 1 for min_id, 0 (no limit) for max_id"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:627
+msgid "timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:630
+msgid ""
+"Timeout in seconds between heartbeats for this domain. This is used to "
+"ensure that the backend process is alive and capable of answering requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:635 sssd-ldap.5.xml:981
+msgid "Default: 10"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:641
+msgid "enumerate (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:644
+msgid ""
+"Determines if a domain can be enumerated. This parameter can have one of the"
+" following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:648
+msgid "TRUE = Users and groups are enumerated"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:651
+msgid "FALSE = No enumerations for this domain"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:654 sssd.conf.5.xml:706 sssd.conf.5.xml:760
+msgid "Default: FALSE"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:657
+msgid ""
+"Note: Enabling enumeration has a moderate performance impact on SSSD while "
+"enumeration is running. It may take up to several minutes after SSSD startup"
+" to fully complete enumerations. During this time, individual requests for "
+"information will go directly to LDAP, though it may be slow, due to the "
+"heavy enumeration processing."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:667
+msgid ""
+"While the first enumeration is running, requests for the complete user or "
+"group lists may return no results until it completes."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:672
+msgid ""
+"Further, enabling enumeration may increase the time necessary to detect "
+"network disconnection, as longer timeouts are required to ensure that "
+"enumeration lookups are completed successfully. For more information, refer"
+" to the man pages for the specific id_provider in use."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:683
+msgid "entry_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:686
+msgid ""
+"How many seconds should nss_sss consider entries valid before asking the "
+"backend again"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:690
+msgid "Default: 5400"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:695
+msgid "cache_credentials (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:698
+msgid "Determines if user credentials are also cached in the local LDB cache"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:702
+msgid "User credentials are stored in a SHA512 hash, not in plaintext"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:711
+msgid "account_cache_expiration (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:714
+msgid ""
+"Number of days entries are left in cache after last successful login before "
+"being removed during a cleanup of the cache. 0 means keep forever. The "
+"value of this parameter must be greater than or equal to "
+"offline_credentials_expiration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:721
+msgid "Default: 0 (unlimited)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:727
+msgid "id_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:730
+msgid "The Data Provider identity backend to use for this domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:734
+msgid "Supported backends:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:737
+msgid "proxy: Support a legacy NSS provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:740
+msgid "local: SSSD internal local provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:743
+msgid "ldap: LDAP provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:749
+msgid "use_fully_qualified_names (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:752
+msgid ""
+"If set to TRUE, all requests to this domain must use fully qualified names. "
+"For example, if used in LOCAL domain that contains a \"test\" user, "
+"<command>getent passwd test</command> wouldn't find the user while "
+"<command>getent passwd test@LOCAL</command> would."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:765
+msgid "auth_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:768
+msgid ""
+"The authentication provider used for the domain. Supported auth providers "
+"are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:772
+msgid ""
+"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:779
+msgid ""
+"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:786
+msgid ""
+"<quote>proxy</quote> for relaying authentication to some other PAM target."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:789
+msgid "<quote>none</quote> disables authentication explicitly."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:792
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"authentication requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:798
+msgid "access_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:801
+msgid ""
+"The access control provider used for the domain. There are two built-in "
+"access providers (in addition to any included in installed backends) "
+"Internal special providers are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:807
+msgid "<quote>permit</quote> always allow access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:810
+msgid "<quote>deny</quote> always deny access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:813
+msgid ""
+"<quote>simple</quote> access control based on access or deny lists. See "
+"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> for more information on configuring "
+"the simple access module."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:820
+msgid "Default: <quote>permit</quote>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:825
+msgid "chpass_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:828
+msgid ""
+"The provider which should handle change password operations for the domain."
+" Supported change password providers are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:833
+msgid ""
+"<quote>ipa</quote> to change a password stored in an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring"
+" IPA."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:841
+msgid ""
+"<quote>ldap</quote> to change a password stored in a LDAP server. See "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring"
+" LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:857
+msgid ""
+"<quote>proxy</quote> for relaying password changes to some other PAM target."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:861
+msgid "<quote>none</quote> disallows password changes explicitly."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:864
+msgid ""
+"Default: <quote>auth_provider</quote> is used if it is set and can handle "
+"change password requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:871
+msgid "lookup_family_order (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:874
+msgid ""
+"Provides the ability to select preferred address family to use when "
+"performing DNS lookups."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:878
+msgid "Supported values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:881
+msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:884
+msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:887
+msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:890
+msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:893
+msgid "Default: ipv4_first"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:899
+msgid "dns_resolver_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:902
+msgid ""
+"Defines the amount of time (in seconds) to wait for a reply from the DNS "
+"resolver before assuming that it is unreachable. If this timeout is reached,"
+" the domain will continue to operate in offline mode."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:914
+msgid "dns_discovery_domain (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:917
+msgid ""
+"If service discovery is used in the back end, specifies the domain part of "
+"the service discovery DNS query."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:921
+msgid "Default: Use the domain part of machine's hostname"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:927
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:930
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:601
+msgid ""
+"These configuration options can be present in a domain configuration "
+"section, that is, in a section called "
+"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:942
+msgid "proxy_pam_target (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:945
+msgid "The proxy target PAM proxies to."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:948
+msgid ""
+"Default: not set by default, you have to take an existing pam configuration "
+"or create a new one and add the service name here."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:956
+msgid "proxy_lib_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:959
+msgid ""
+"The name of the NSS library to use in proxy domains. The NSS functions "
+"searched for in the library are in the form of _nss_$(libName)_$(function), "
+"for example _nss_files_getpwent."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:938
+msgid ""
+"Options valid for proxy domains. <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:971
+msgid "The local domain section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:973
+msgid ""
+"This section contains settings for domain that stores users and groups in "
+"SSSD native database, that is, a domain that uses "
+"<replaceable>id_provider=local</replaceable>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:980
+msgid "default_shell (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:983
+msgid "The default shell for users created with SSSD userspace tools."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid "Default: <filename>/bin/bash</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:992
+msgid "base_directory (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:995
+msgid ""
+"The tools append the login name to <replaceable>base_directory</replaceable>"
+" and use that as the home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1000
+msgid "Default: <filename>/home</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1005
+msgid "create_homedir (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1008
+msgid ""
+"Indicate if a home directory should be created by default for new users. "
+"Can be overridden on command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1012 sssd.conf.5.xml:1024
+msgid "Default: TRUE"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1017
+msgid "remove_homedir (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1020
+msgid ""
+"Indicate if a home directory should be removed by default for deleted users."
+" Can be overridden on command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1029
+msgid "homedir_umask (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1032
+msgid ""
+"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
+"on a newly created home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1040
+msgid "Default: 077"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1045
+msgid "skel_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1048
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in"
+" the user's home directory, when the home directory is created by "
+"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1058
+msgid "Default: <filename>/etc/skel</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1063
+msgid "mail_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1066
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"default value is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1073
+msgid "Default: <filename>/var/mail</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1078
+msgid "userdel_cmd (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1081
+msgid ""
+"The command that is run after a user is removed. The command us passed the "
+"username of the user being removed as the first and only parameter. The "
+"return code of the command is not taken into account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1087
+msgid "Default: None, no command is run"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:1097 sssd-ldap.5.xml:1608 sssd-simple.5.xml:126
+#: sssd-ipa.5.xml:247 sssd-krb5.5.xml:432
+msgid "EXAMPLE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:1103
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"domains = LDAP\n"
+"services = nss, pam\n"
+"config_file_version = 2\n"
+"\n"
+"[nss]\n"
+"filter_groups = root\n"
+"filter_users = root\n"
+"\n"
+"[pam]\n"
+"\n"
+"[domain/LDAP]\n"
+"id_provider = ldap\n"
+"ldap_uri = ldap://ldap.example.com\n"
+"ldap_search_base = dc=example,dc=com\n"
+"\n"
+"auth_provider = krb5\n"
+"krb5_server = kerberos.example.com\n"
+"krb5_realm = EXAMPLE.COM\n"
+"cache_credentials = true\n"
+"\n"
+"min_id = 10000\n"
+"max_id = 20000\n"
+"enumerate = False\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1099
+msgid ""
+"The following example shows a typical SSSD config. It does not describe "
+"configuration of the domains themselves - refer to documentation on "
+"configuring domains for more details. <placeholder type=\"programlisting\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1134
+msgid ""
+"<citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16
+msgid "sssd-ldap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:23
+msgid ""
+"This manual page describes the configuration of LDAP domains for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax "
+"information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:35
+msgid "You can configure SSSD to use more than one LDAP domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:38
+msgid ""
+"LDAP back end supports id, auth, access and chpass providers. If you want to"
+" authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
+"<command>sssd</command> <emphasis>does not</emphasis> support authentication"
+" over an unencrypted channel. If the LDAP server is used only as an "
+"identity provider, an encrypted channel is not needed. Please refer to "
+"<quote>ldap_access_filter</quote> config option for more information about "
+"using LDAP as an access provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:61
+#: sssd-krb5.5.xml:63
+msgid "CONFIGURATION OPTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:60
+msgid "ldap_uri (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:63
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD"
+" should connect in the order of preference. Refer to the "
+"<quote>FAILOVER</quote> section for more information on failover and server "
+"redundancy. If not specified, service discovery is enabled. For more "
+"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:73
+msgid "ldap[s]://&lt;host&gt;[:port]"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:76
+msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD"
+" should connect in the order of preference to change the password of a user."
+" Refer to the <quote>FAILOVER</quote> section for more information on "
+"failover and server redundancy."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:95
+msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:99
+msgid "Default: empty, i.e. ldap_uri is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:105
+msgid "ldap_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:108
+msgid "The default base DN to use for performing LDAP user operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:112
+msgid ""
+"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
+"syntax:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:116
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:119
+msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:122
+msgid ""
+"The filter must be a valid LDAP search filter as specified by "
+"http://www.ietf.org/rfc/rfc2254.txt"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:126
+msgid "Examples:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:129
+msgid ""
+"ldap_search_base = dc=example,dc=com (which is equivalent to) "
+"ldap_search_base = dc=example,dc=com?subtree?"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:134
+msgid ""
+"ldap_search_base = "
+"cn=host_specific,dc=example,dc=com?subtree?(host=thishost)?dc=example.com?subtree?"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:137
+msgid ""
+"Note: It is unsupported to have multiple search bases which reference "
+"identically-named objects (for example, groups with the same name in two "
+"different search bases). This will lead to unpredictable behavior on client "
+"machines."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:144
+msgid ""
+"Default: If not set, the value of the defaultNamingContext or namingContexts"
+" attribute from the RootDSE of the LDAP server is used. If "
+"defaultNamingContext does not exists or has an empty value namingContexts is"
+" used. The namingContexts attribute must have a single value with the DN of"
+" the search base of the LDAP server to make this work. Multiple values are "
+"are not supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:158
+msgid "ldap_schema (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:161
+msgid ""
+"Specifies the Schema Type in use on the target LDAP server. Depending on "
+"the selected schema, the default attribute names retrieved from the servers "
+"may vary. The way that some attributes are handled may also differ. Three "
+"schema types are currently supported: rfc2307 rfc2307bis IPA The main "
+"difference between these schema types is how group memberships are recorded "
+"in the server. With rfc2307, group members are listed by name in the "
+"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group "
+"members are listed by DN and stored in the <emphasis>member</emphasis> "
+"attribute."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+msgid "Default: rfc2307"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:186
+msgid "ldap_default_bind_dn (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:189
+msgid "The default bind DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:196
+msgid "ldap_default_authtok_type (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:199
+msgid "The type of the authentication token of the default bind DN."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:203
+msgid "The two mechanisms currently supported are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:206
+msgid "password"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:209
+msgid "obfuscated_password"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:212
+msgid "Default: password"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:218
+msgid "ldap_default_authtok (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:221
+msgid ""
+"The authentication token of the default bind DN. Only clear text passwords "
+"are currently supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:228
+msgid "ldap_user_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:231
+msgid "The object class of a user entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:234
+msgid "Default: posixAccount"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:240
+msgid "ldap_user_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:243
+msgid "The LDAP attribute that corresponds to the user's login name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:247
+msgid "Default: uid"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:253
+msgid "ldap_user_uid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:256
+msgid "The LDAP attribute that corresponds to the user's id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:260
+msgid "Default: uidNumber"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:266
+msgid "ldap_user_gid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:269
+msgid "The LDAP attribute that corresponds to the user's primary group id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:730
+msgid "Default: gidNumber"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:279
+msgid "ldap_user_gecos (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:282
+msgid "The LDAP attribute that corresponds to the user's gecos field."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:286
+msgid "Default: gecos"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:292
+msgid "ldap_user_home_directory (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:295
+msgid ""
+"The LDAP attribute that contains the name of the user's home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:299
+msgid "Default: homeDirectory"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:305
+msgid "ldap_user_shell (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:308
+msgid "The LDAP attribute that contains the path to the user's default shell."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:312
+msgid "Default: loginShell"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:318
+msgid "ldap_user_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:321
+msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:756 sssd-ldap.5.xml:849
+msgid "Default: nsUniqueId"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:331
+msgid "ldap_user_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:765 sssd-ldap.5.xml:858
+msgid ""
+"The LDAP attribute that contains timestamp of the last modification of the "
+"parent object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:769 sssd-ldap.5.xml:862
+msgid "Default: modifyTimestamp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:344
+msgid "ldap_user_shadow_last_change (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:347
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (date of the last password change)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:357
+msgid "Default: shadowLastChange"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:363
+msgid "ldap_user_shadow_min (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:366
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (minimum password age)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:375
+msgid "Default: shadowMin"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:381
+msgid "ldap_user_shadow_max (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:384
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (maximum password age)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:393
+msgid "Default: shadowMax"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:399
+msgid "ldap_user_shadow_warning (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:402
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (password warning period)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:412
+msgid "Default: shadowWarning"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:418
+msgid "ldap_user_shadow_inactive (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:421
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (password inactivity period)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:431
+msgid "Default: shadowInactive"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:437
+msgid "ldap_user_shadow_expire (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:440
+msgid ""
+"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this"
+" parameter contains the name of an LDAP attribute corresponding to its "
+"<citerefentry> <refentrytitle>shadow</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> counterpart (account expiration "
+"date)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:450
+msgid "Default: shadowExpire"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:456
+msgid "ldap_user_krb_last_pwd_change (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:459
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of"
+" an LDAP attribute storing the date and time of last password change in "
+"kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:465
+msgid "Default: krbLastPwdChange"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:471
+msgid "ldap_user_krb_password_expiration (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:474
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of"
+" an LDAP attribute storing the date and time when current password expires."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:480
+msgid "Default: krbPasswordExpiration"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:486
+msgid "ldap_user_ad_account_expires (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:489
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the expiration time of the account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:494
+msgid "Default: accountExpires"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:500
+msgid "ldap_user_ad_user_account_control (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the user account control bit field."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:508
+msgid "Default: userAccountControl"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:514
+msgid "ldap_ns_account_lock (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:517
+msgid ""
+"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
+"determines if access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:522
+msgid "Default: nsAccountLock"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:528
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:541
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:544
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:555
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:558
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:563
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:569
+msgid "ldap_user_principal (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:572
+msgid ""
+"The LDAP attribute that contains the user's Kerberos User Principal Name "
+"(UPN)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:576
+msgid "Default: krbPrincipalName"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:582
+msgid "ldap_force_upper_case_realm (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:585
+msgid ""
+"Some directory servers, for example Active Directory, might deliver the "
+"realm part of the UPN in lower case, which might cause the authentication to"
+" fail. Set this option to a non-zero value if you want to use an upper-case "
+"realm."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:598
+msgid "ldap_enumeration_refresh_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:601
+msgid ""
+"The LDAP attribute that contains how many seconds SSSD has to wait before "
+"refreshing its cache of enumerated records."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:606
+msgid "Default: 300"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:612
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:615
+msgid ""
+"Determine how often to check the cache for inactive entries (such as groups "
+"with no members and users who have never logged in) and remove them to save "
+"space."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:621
+msgid "Setting this option to zero will disable the cache cleanup operation."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:625
+msgid "Default: 10800 (12 hours)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:631
+msgid "ldap_user_fullname (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:634
+msgid "The LDAP attribute that corresponds to the user's full name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:638 sssd-ldap.5.xml:717 sssd-ldap.5.xml:810
+msgid "Default: cn"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:644
+msgid "ldap_user_member_of (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:647
+msgid "The LDAP attribute that lists the user's group memberships."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:651
+msgid "Default: memberOf"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:657
+msgid "ldap_user_authorized_service (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:660
+msgid ""
+"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
+"use the presence of the authorizedService attribute in the user's LDAP entry"
+" to determine access privilege."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:667
+msgid ""
+"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
+"explicit allow (svc) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:672
+msgid "Default: authorizedService"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:678
+msgid "ldap_user_authorized_host (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:681
+msgid ""
+"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
+"presence of the host attribute in the user's LDAP entry to determine access "
+"privilege."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:687
+msgid ""
+"An explicit deny (!host) is resolved first. Second, SSSD searches for "
+"explicit allow (host) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:692
+msgid "Default: host"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:698
+msgid "ldap_group_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:701
+msgid "The object class of a group entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:704
+msgid "Default: posixGroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:710
+msgid "ldap_group_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:713
+msgid "The LDAP attribute that corresponds to the group name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:723
+msgid "ldap_group_gid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:726
+msgid "The LDAP attribute that corresponds to the group's id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:736
+msgid "ldap_group_member (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:739
+msgid "The LDAP attribute that contains the names of the group's members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:743
+msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:749
+msgid "ldap_group_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:752
+msgid ""
+"The LDAP attribute that contains the UUID/GUID of an LDAP group object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:762
+msgid "ldap_group_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:775
+msgid "ldap_group_nesting_level (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:778
+msgid ""
+"If ldap_schema is set to a schema format that supports nested groups (e.g. "
+"RFC2307bis), then this option controls how many levels of nesting SSSD will "
+"follow. This option has no effect on the RFC2307 schema."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:785
+msgid "Default: 2"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:791
+msgid "ldap_netgroup_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:794
+msgid "The object class of a netgroup entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:797
+msgid "Default: nisNetgroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:803
+msgid "ldap_netgroup_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:806
+msgid "The LDAP attribute that corresponds to the netgroup name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:816
+msgid "ldap_netgroup_member (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:819
+msgid "The LDAP attribute that contains the names of the netgroup's members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:823
+msgid "Default: memberNisNetgroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:829
+msgid "ldap_netgroup_triple (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:832
+msgid ""
+"The LDAP attribute that contains the (host, user, domain) netgroup triples."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:836
+msgid "Default: nisNetgroupTriple"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:842
+msgid "ldap_netgroup_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:845
+msgid ""
+"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:855
+msgid "ldap_netgroup_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:868
+msgid "ldap_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:871
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches are allowed to run "
+"before they are cancelled and cached results are returned (and offline mode "
+"is entered)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:877
+msgid ""
+"Note: this option is subject to change in future versions of the SSSD. It "
+"will likely be replaced at some point by a series of timeouts for specific "
+"lookup types."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:883 sssd-ldap.5.xml:925 sssd-ldap.5.xml:940
+msgid "Default: 6"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:889
+msgid "ldap_enumeration_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:892
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches for user and group "
+"enumerations are allowed to run before they are cancelled and cached results"
+" are returned (and offline mode is entered)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:899
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:905
+msgid "ldap_network_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:908
+msgid ""
+"Specifies the timeout (in seconds) after which the <citerefentry> "
+"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> "
+"</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> "
+"<manvolnum>2</manvolnum> </citerefentry> following a <citerefentry> "
+"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> "
+"</citerefentry> returns in case of no activity."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:931
+msgid "ldap_opt_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:934
+msgid ""
+"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
+"will abort if no response is received. Also controls the timeout when "
+"communicating with the KDC in case of SASL bind."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:946
+msgid "ldap_page_size (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:949
+msgid ""
+"Specify the number of records to retrieve from LDAP in a single request. "
+"Some LDAP servers enforce a maximum limit per-request."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:954
+msgid "Default: 1000"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:960
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:963
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing,"
+" they are looked up individually."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:969
+msgid ""
+"You can turn off dereference lookups completely by setting the value to 0."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:973
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:987
+msgid "ldap_tls_reqcert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:990
+msgid ""
+"Specifies what checks to perform on server certificates in a TLS session, if"
+" any. It can be specified as one of the following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:996
+msgid ""
+"<emphasis>never</emphasis> = The client will not request or check any server"
+" certificate."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1000
+msgid ""
+"<emphasis>allow</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate"
+" is provided, it will be ignored and the session proceeds normally."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1007
+msgid ""
+"<emphasis>try</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate"
+" is provided, the session is immediately terminated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1013
+msgid ""
+"<emphasis>demand</emphasis> = The server certificate is requested. If no "
+"certificate is provided, or a bad certificate is provided, the session is "
+"immediately terminated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1019
+msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1023
+msgid "Default: hard"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1029
+msgid "ldap_tls_cacert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1032
+msgid ""
+"Specifies the file that contains certificates for all of the Certificate "
+"Authorities that <command>sssd</command> will recognize."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1037 sssd-ldap.5.xml:1055 sssd-ldap.5.xml:1096
+msgid ""
+"Default: use OpenLDAP defaults, typically in "
+"<filename>/etc/openldap/ldap.conf</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1044
+msgid "ldap_tls_cacertdir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1047
+msgid ""
+"Specifies the path of a directory that contains Certificate Authority "
+"certificates in separate individual files. Typically the file names need to "
+"be the hash of the certificate followed by '.0'. If available, "
+"<command>cacertdir_rehash</command> can be used to create the correct names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1062
+msgid "ldap_tls_cert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1065
+msgid "Specifies the file that contains the certificate for the client's key."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1069 sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1567
+#: sssd-ldap.5.xml:1594 sssd-krb5.5.xml:359
+msgid "Default: not set"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1075
+msgid "ldap_tls_key (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1078
+msgid "Specifies the file that contains the client's key."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1087
+msgid "ldap_tls_cipher_suite (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1090
+msgid ""
+"Specifies acceptable cipher suites. Typically this is a colon sperated "
+"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> for format."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1103
+msgid "ldap_id_use_start_tls (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1106
+msgid ""
+"Specifies that the id_provider connection must also use <systemitem "
+"class=\"protocol\">tls</systemitem> to protect the channel."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1116
+msgid "ldap_sasl_mech (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1119
+msgid ""
+"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
+"supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1123 sssd-ldap.5.xml:1280
+msgid "Default: none"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1129
+msgid "ldap_sasl_authid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1132
+msgid ""
+"Specify the SASL authorization id to use. When GSSAPI is used, this "
+"represents the Kerberos principal used for authentication to the directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1137
+msgid "Default: host/machine.fqdn@REALM"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1143
+msgid "ldap_sasl_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1146
+msgid ""
+"If set to true, the LDAP library would perform a reverse lookup to "
+"canonicalize the host name during a SASL bind."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1151
+msgid "Default: false;"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1157
+msgid "ldap_krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1160
+msgid "Specify the keytab to use when using SASL/GSSAPI."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1163
+msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1169
+msgid "ldap_krb5_init_creds (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1172
+msgid ""
+"Specifies that the id_provider should init Kerberos credentials (TGT). This"
+" action is performed only if SASL is used and the mechanism selected is "
+"GSSAPI."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1184
+msgid "ldap_krb5_ticket_lifetime (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1187
+msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1191
+msgid "Default: 86400 (24 hours)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1197 sssd-krb5.5.xml:74
+msgid "krb5_server (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1200 sssd-krb5.5.xml:77
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled - for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1212 sssd-krb5.5.xml:89
+msgid ""
+"When using service discovery for KDC or kpasswd servers, SSSD first searches"
+" for DNS entries that specify _udp as the protocol and falls back to _tcp if"
+" none are found."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1217 sssd-krb5.5.xml:94
+msgid ""
+"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD."
+" While the legacy name is recognized for the time being, users are advised "
+"to migrate their config files to use <quote>krb5_server</quote> instead."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1226 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+msgid "krb5_realm (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1229
+msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1232
+msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1238 sssd-ipa.5.xml:180 sssd-krb5.5.xml:409
+msgid "krb5_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1241
+msgid ""
+"Specifies if the host pricipal should be canonicalized when connecting to "
+"LDAP server. This feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1253
+msgid "ldap_pwd_policy (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1256
+msgid ""
+"Select the policy to evaluate the password expiration on the client side. "
+"The following values are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1261
+msgid ""
+"<emphasis>none</emphasis> - No evaluation on the client side. This option "
+"cannot disable server-side password policies."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1266
+msgid ""
+"<emphasis>shadow</emphasis> - Use "
+"<citerefentry><refentrytitle>shadow</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> style attributes to evaluate if the "
+"password has expired. Note that the current version of sssd cannot update "
+"this attribute during a password change."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1274
+msgid ""
+"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
+"to determine if the password has expired. Use chpass_provider=krb5 to update"
+" these attributes when the password is changed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1286
+msgid "ldap_referrals (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1289
+msgid "Specifies whether automatic referral chasing should be enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1293
+msgid ""
+"Please note that sssd only supports referral chasing when it is compiled "
+"with OpenLDAP version 2.4.13 or higher."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1304
+msgid "ldap_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1307
+msgid "Specifies the service name to use when service discovery is enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1311
+msgid "Default: ldap"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1317
+msgid "ldap_chpass_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1320
+msgid ""
+"Specifies the service name to use to find an LDAP server which allows "
+"password changes when service discovery is enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1325
+msgid "Default: not set, i.e. service discovery is disabled"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1331
+msgid "ldap_access_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1334
+msgid ""
+"If using access_provider = ldap, this option is mandatory. It specifies an "
+"LDAP search filter criteria that must be met for the user to be granted "
+"access on this host. If access_provider = ldap and this option is not set, "
+"it will result in all users being denied access. Use access_provider = allow"
+" to change this default behavior."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:1570
+msgid "Example:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1347
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
+" "
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1351
+msgid ""
+"This example means that access to this host is restricted to members of the "
+"\"allowedusers\" group in ldap."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1356
+msgid ""
+"Offline caching for this feature is limited to determining whether the "
+"user's last online login was granted access permission. If they were granted"
+" access during their last login, they will continue to be granted access "
+"while offline and vice-versa."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1364 sssd-ldap.5.xml:1414
+msgid "Default: Empty"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1370
+msgid "ldap_account_expire_policy (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1373
+msgid ""
+"With this option a client side evaluation of access control attributes can "
+"be enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1377
+msgid ""
+"Please note that it is always recommended to use server side access control,"
+" i.e. the LDAP server should deny the bind request with a suitable error "
+"code even if the password is correct."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1384
+msgid "The following values are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1387
+msgid ""
+"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
+"determine if the account is expired."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1392
+msgid ""
+"<emphasis>ad</emphasis>: use the value of the 32bit field "
+"ldap_user_ad_user_account_control and allow access if the second bit is not "
+"set. If the attribute is missing access is granted. Also the expiration time"
+" of the account is checked."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1399
+msgid ""
+"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, "
+"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check "
+"if access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1405
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1420
+msgid "ldap_access_order (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1423
+msgid "Comma separated list of access control options. Allowed values are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1427
+msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1430
+msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1434
+msgid ""
+"<emphasis>authorized_service</emphasis>: use the authorizedService attribute"
+" to determine access"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1439
+msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1443
+msgid "Default: filter"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1446
+msgid ""
+"Please note that it is a configuration error if a value is used more than "
+"once."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1453
+msgid "ldap_deref (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1456
+msgid ""
+"Specifies how alias dereferencing is done when performing a search. The "
+"following options are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1461
+msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1465
+msgid ""
+"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
+"the base object, but not in locating the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1470
+msgid ""
+"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
+"the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1475
+msgid ""
+"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
+"in locating the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1480
+msgid ""
+"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
+"client libraries)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:51
+msgid ""
+"All of the common configuration options that apply to SSSD domains also "
+"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section "
+"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for full details. "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:1492
+msgid "ADVANCED OPTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1499
+msgid "ldap_netgroup_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1502
+msgid ""
+"An optional base DN to restrict netgroup searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1506 sssd-ldap.5.xml:1525 sssd-ldap.5.xml:1544
+msgid ""
+"See <quote>ldap_search_base</quote> for information about configuring "
+"multiple search bases."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 sssd-ldap.5.xml:1549
+msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1518
+msgid "ldap_user_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1521
+msgid "An optional base DN to restrict user searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1537
+msgid "ldap_group_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1540
+msgid "An optional base DN to restrict group searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1556
+msgid "ldap_user_search_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1559
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict user searches."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1563
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_user_search_base."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1573
+#, no-wrap
+msgid ""
+" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
+" "
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1576
+msgid ""
+"This filter would restrict user searches to users that have their shell set "
+"to /bin/tcsh."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1583
+msgid "ldap_group_search_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1586
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict group searches."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1590
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_group_search_base."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1494
+msgid ""
+"These options are supported by LDAP domains, but they should be used with "
+"caution. Please include them in your configuration only if you know what you"
+" are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1610
+msgid ""
+"The following example assumes that SSSD is correctly configured and LDAP is "
+"set to one of the domains in the <replaceable>[domains]</replaceable> "
+"section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ldap.5.xml:1616
+#, no-wrap
+msgid ""
+" [domain/LDAP]\n"
+" id_provider = ldap\n"
+" auth_provider = ldap\n"
+" ldap_uri = ldap://ldap.mydomain.org\n"
+" ldap_search_base = dc=mydomain,dc=org\n"
+" ldap_tls_reqcert = demand\n"
+" cache_credentials = true\n"
+" enumerate = true\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1615 sssd-simple.5.xml:134 sssd-ipa.5.xml:255
+#: sssd-krb5.5.xml:441
+msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:1629 sssd_krb5_locator_plugin.8.xml:61
+msgid "NOTES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1631
+msgid ""
+"The descriptions of some of the configuration options in this manual page "
+"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
+"distribution."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1642
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <refentryinfo>
+#: pam_sss.8.xml:8 include/upstream.xml:2
+msgid ""
+"<productname>SSSD</productname> <orgname>The SSSD upstream - "
+"http://fedorahosted.org/sssd</orgname>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: pam_sss.8.xml:13 pam_sss.8.xml:18
+msgid "pam_sss"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: pam_sss.8.xml:19
+msgid "PAM module for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: pam_sss.8.xml:24
+msgid ""
+"<command>pam_sss.so</command> <arg choice='opt'> "
+"<replaceable>quiet</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>forward_pass</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>use_first_pass</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>use_authtok</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>retry=N</replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:45
+msgid ""
+"<command>pam_sss.so</command> is the PAM interface to the System Security "
+"Services daemon (SSSD). Errors and results are logged through "
+"<command>syslog(3)</command> with the LOG_AUTHPRIV facility."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:55
+msgid "<option>quiet</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:58
+msgid "Suppress log messages for unknown users."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:63
+msgid "<option>forward_pass</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:66
+msgid ""
+"If <option>forward_pass</option> is set the entered password is put on the "
+"stack for other PAM modules to use."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:73
+msgid "<option>use_first_pass</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:76
+msgid ""
+"The argument use_first_pass forces the module to use a previous stacked "
+"modules password and will never prompt the user - if no password is "
+"available or the password is not appropriate, the user will be denied "
+"access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:84
+msgid "<option>use_authtok</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:87
+msgid ""
+"When password changing enforce the module to set the new password to the one"
+" provided by a previously stacked password module."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:94
+msgid "<option>retry=N</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:97
+msgid ""
+"If specified the user is asked another N times for a password if "
+"authentication fails. Default is 0."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:99
+msgid ""
+"Please note that this option might not work as expected if the application "
+"calling PAM handles the user dialog on its own. A typical example is "
+"<command>sshd</command> with <option>PasswordAuthentication</option>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:110
+msgid "MODULE TYPES PROVIDED"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:111
+msgid ""
+"All module types (<option>account</option>, <option>auth</option>, "
+"<option>password</option> and <option>session</option>) are provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:117
+msgid "FILES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:118
+msgid ""
+"If a password reset by root fails, because the corresponding SSSD provider "
+"does not support password resets, an individual message can be displayed. "
+"This message can e.g. contain instructions about how to reset a password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:123
+msgid ""
+"The message is read from the file "
+"<filename>pam_sss_pw_reset_message.LOC</filename> where LOC stands for a "
+"locale string returned by <citerefentry> "
+"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> "
+"</citerefentry>. If there is no matching file the content of "
+"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be"
+" the owner of the files and only root may have read and write permissions "
+"while all other users must have only read permissions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:133
+msgid ""
+"These files are searched in the directory "
+"<filename>/etc/sssd/customize/DOMAIN_NAME/</filename>. If no matching file "
+"is present a generic message is displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:141
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
+msgid "sssd_krb5_locator_plugin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:22
+msgid ""
+"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
+"used by the Kerberos provider of <citerefentry> "
+"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry>"
+" to tell the Kerberos libraries what Realm and which KDC to use. Typically "
+"this is done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> which is always read by the "
+"Kerberos libraries. To simplify the configuration the Realm and the KDC can "
+"be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> "
+"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:48
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry> puts the Realm and the name or IP address of the KDC into "
+"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. "
+"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos "
+"libraries it reads and evaluates these variable and returns them to the "
+"libraries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:63
+msgid ""
+"Not all Kerberos implementations support the use of plugins. If "
+"<command>sssd_krb5_locator_plugin</command> is not available on your system "
+"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:69
+msgid ""
+"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
+"debug messages will be sent to stderr."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:77
+msgid ""
+"<citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
+msgid "sssd-simple"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-simple.5.xml:17
+msgid "the configuration file for SSSD's 'simple' access-control provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:24
+msgid ""
+"This manual page describes the configuration of the simple access-control "
+"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, "
+"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:38
+msgid ""
+"The simple access provider grants or denies access based on an access or "
+"deny list of user or group names. The following rules apply:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:43
+msgid "If all lists are empty, access is granted"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:47
+msgid ""
+"If any list is provided, the order of evaluation is allow,deny. This means "
+"that any matching deny rule will supersede any matched allow rule."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:54
+msgid ""
+"If either or both \"allow\" lists are provided, all users are denied unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:60
+msgid ""
+"If only \"deny\" lists are provided, all users are granted access unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:78
+msgid "simple_allow_users (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:81
+msgid "Comma separated list of users who are allowed to log in."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:88
+msgid "simple_deny_users (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:91
+msgid "Comma separated list of users who are explicitly denied access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:97
+msgid "simple_allow_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:100
+msgid ""
+"Comma separated list of groups that are allowed to log in. This applies only"
+" to groups within this SSSD domain. Local groups are not evaluated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:108
+msgid "simple_deny_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:111
+msgid ""
+"Comma separated list of groups that are explicitly denied access. This "
+"applies only to groups within this SSSD domain. Local groups are not "
+"evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:62
+msgid ""
+"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page for details on the configuration of an SSSD "
+"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:120
+msgid ""
+"Please note that it is an configuration error if both, simple_allow_users "
+"and simple_deny_users, are defined."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:128
+msgid ""
+"The following example assumes that SSSD is correctly configured and "
+"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
+"section. This examples shows only the simple access provider-specific "
+"options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-simple.5.xml:135
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" access_provider = simple\n"
+" simple_allow_users = user1, user2\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:145
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16
+msgid "sssd-ipa"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:23
+msgid ""
+"This manual page describes the configuration of the IPA provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:36
+msgid ""
+"The IPA provider is a back end used to connect to an IPA server. (Refer to "
+"the freeipa.org web site for information about IPA servers.) This provider "
+"requires that the machine be joined to the IPA domain; configuration is "
+"almost entirely self-discovered and obtained directly from the server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:43
+msgid ""
+"The IPA provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> identity provider and the <citerefentry> <refentrytitle"
+">sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> "
+"authentication provider. However, it is neither necessary nor recommended "
+"to set these options. IPA provider can also be used as an access and chpass"
+" provider. As an access provider it uses HBAC (host-based access control) "
+"rules. Please refer to freeipa.org for more information about HBAC. No "
+"configuration of access provider is required on the client side."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:69
+msgid "ipa_domain (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:72
+msgid ""
+"Specifies the name of the IPA domain. This is optional. If not provided, "
+"the configuration domain name is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:80
+msgid "ipa_server (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:83
+msgid ""
+"The comma-separated list of IP addresses or hostnames of the IPA servers to "
+"which SSSD should connect in the order of preference. For more information "
+"on failover and server redundancy, see the <quote>FAILOVER</quote> section."
+" This is optional if autodiscovery is enabled. For more information on "
+"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> "
+"section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:96
+msgid "ipa_hostname (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:99
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the IPA domain to identify this host."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:107
+msgid "ipa_dyndns_update (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:110
+msgid ""
+"Optional. This option tells SSSD to automatically update the DNS server "
+"built into FreeIPA v2 with the IP address of this client."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:121
+msgid "ipa_dyndns_iface (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:124
+msgid ""
+"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
+"interface whose IP address should be used for dynamic DNS updates."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:129
+msgid "Default: Use the IP address of the IPA LDAP connection"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:135
+msgid "ipa_hbac_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"Optional. Use the given string as search base for HBAC related objects."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:142
+msgid "Default: Use base DN"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:148 sssd-krb5.5.xml:229
+msgid "krb5_validate (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:151 sssd-krb5.5.xml:232
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:158
+msgid ""
+"Note that this default differs from the traditional Kerberos provider back "
+"end."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:168
+msgid ""
+"The name of the Kerberos realm. This is optional and defaults to the value "
+"of <quote>ipa_domain</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:172
+msgid ""
+"The name of the Kerberos realm has a special meaning in IPA - it is "
+"converted into the base DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:183
+msgid ""
+"Specifies if the host and user pricipal should be canonicalized when "
+"connecting to IPA LDAP and also for AS requests. This feature is available "
+"with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:196
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:199
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server."
+" This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:211
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:214
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users"
+" of FreeIPA will need to migrate their rules to use only the ALLOW rules. "
+"The client will support two modes of operation during this transition "
+"period:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:223
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:228
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:233
+msgid "Default: DENY_ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:249
+msgid ""
+"The following example assumes that SSSD is correctly configured and "
+"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
+"section. This examples shows only the ipa provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ipa.5.xml:256
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" id_provider = ipa\n"
+" ipa_server = ipaserver.example.com\n"
+" ipa_hostname = myhost.example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:267
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.8.xml:10 sssd.8.xml:15
+msgid "sssd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.8.xml:16
+msgid "System Security Services Daemon"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sssd.8.xml:21
+msgid ""
+"<command>sssd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:31
+msgid ""
+"<command>SSSD</command> provides a set of daemons to manage access to remote"
+" directories and authentication mechanisms. It provides an NSS and PAM "
+"interface toward the system and a pluggable backend system to connect to "
+"multiple different account sources as well as D-Bus interface. It is also "
+"the basis to provide client auditing and policy services for projects like "
+"FreeIPA. It provides a more robust database to store local users as well as "
+"extended user data."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:46
+msgid ""
+"<option>-d</option>,<option>--debug-level</option> "
+"<replaceable>LEVEL</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:53
+msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:57
+msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:60
+msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:69
+msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:73
+msgid ""
+"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:76
+msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:79
+msgid "Default: 0"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:85
+msgid "<option>-f</option>,<option>--debug-to-files</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:89
+msgid ""
+"Send the debug output to files instead of stderr. By default, the log files "
+"are stored in <filename>/var/log/sssd</filename> and there are separate log "
+"files for every SSSD service and domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:97
+msgid "<option>-D</option>,<option>--daemon</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:101
+msgid "Become a daemon after starting up."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:107
+msgid "<option>-i</option>,<option>--interactive</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:111
+msgid "Run in the foreground, don't become a daemon."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:117
+msgid "<option>-c</option>,<option>--config</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:121
+msgid ""
+"Specify a non-default config file. The default is "
+"<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file "
+"syntax and options, consult the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.8.xml:137
+msgid "Signals"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:140
+msgid "SIGTERM/SIGINT"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:143
+msgid ""
+"Informs the SSSD to gracefully terminate all of its child processes and then"
+" shut down the monitor."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:149
+msgid "SIGHUP"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:152
+msgid ""
+"Tells the SSSD to stop writing to its current debug file descriptors and to "
+"close and reopen them. This is meant to facilitate log rolling with programs"
+" like logrotate."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:160
+msgid "SIGUSR1"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:163
+msgid ""
+"Tells the SSSD to simulate offline operation for one minute. This is mostly "
+"useful for testing purposes."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:169
+msgid "SIGUSR2"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:172
+msgid ""
+"Tells the SSSD to go online immediately. This is mostly useful for testing "
+"purposes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:183
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
+msgid "sss_obfuscate"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_obfuscate.8.xml:16
+msgid "obfuscate a clear text password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_obfuscate.8.xml:21
+msgid ""
+"<command>sss_obfuscate</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>[PASSWORD]</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:32
+msgid ""
+"<command>sss_obfuscate</command> converts a given password into human-"
+"unreadable format and places it into appropriate domain section of the SSSD "
+"config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:37
+msgid ""
+"The cleartext password is read from standard input or entered interactively."
+" The obfuscated password is put into <quote>ldap_default_authtok</quote> "
+"parameter of a given SSSD domain and the "
+"<quote>ldap_default_authtok_type</quote> parameter is set to "
+"<quote>obfuscated_password</quote>. Refer to <citerefentry> <refentrytitle"
+">sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more"
+" details on these parameters."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:49
+msgid ""
+"Please note that obfuscating the password provides <emphasis>no real "
+"security benefit</emphasis> as it is still possible for an attacker to "
+"reverse-engineer the password back. Using better authentication mechanisms "
+"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
+"advised."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:63
+msgid "<option>-s</option>,<option>--stdin</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:67
+msgid "The password to obfuscate will be read from standard input."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:74
+msgid ""
+"<option>-d</option>,<option>--domain</option> "
+"<replaceable>DOMAIN</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:79
+msgid ""
+"The SSSD domain to use the password in. The default name is "
+"<quote>default</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:86
+msgid ""
+"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:91
+msgid "Read the config file specified by the positional parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:95
+msgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:105
+msgid ""
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_useradd.8.xml:10 sss_useradd.8.xml:15
+msgid "sss_useradd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_useradd.8.xml:16
+msgid "create a new user"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_useradd.8.xml:21
+msgid ""
+"<command>sss_useradd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:32
+msgid ""
+"<command>sss_useradd</command> creates a new user account using the values "
+"specified on the command line plus the default values from the system."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:43
+msgid ""
+"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:48
+msgid ""
+"Set the UID of the user to the value of <replaceable>UID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:55 sss_usermod.8.xml:43
+msgid ""
+"<option>-c</option>,<option>--gecos</option> "
+"<replaceable>COMMENT</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:60 sss_usermod.8.xml:48
+msgid ""
+"Any text string describing the user. Often used as the field for the user's "
+"full name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:67 sss_usermod.8.xml:55
+msgid ""
+"<option>-h</option>,<option>--home</option> "
+"<replaceable>HOME_DIR</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:72
+msgid ""
+"The home directory of the user account. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use "
+"that as the home directory. The base that is prepended before "
+"<replaceable>LOGIN</replaceable> is tunable with "
+"<quote>user_defaults/baseDirectory</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:82 sss_usermod.8.xml:66
+msgid ""
+"<option>-s</option>,<option>--shell</option> "
+"<replaceable>SHELL</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:87
+msgid ""
+"The user's login shell. The default is currently "
+"<filename>/bin/bash</filename>. The default can be changed with "
+"<quote>user_defaults/defaultShell</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:96
+msgid ""
+"<option>-G</option>,<option>--groups</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:101
+msgid "A list of existing groups this user is also a member of."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:107
+msgid "<option>-m</option>,<option>--create-home</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:111
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the -k option or in the config file) will be copied to the home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:121
+msgid "<option>-M</option>,<option>--no-create-home</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:125
+msgid ""
+"Do not create the user's home directory. Overrides configuration settings."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:132
+msgid ""
+"<option>-k</option>,<option>--skel</option> "
+"<replaceable>SKELDIR</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:137
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in"
+" the user's home directory, when the home directory is created by "
+"<command>sss_useradd</command>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:143
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified, or creation of home directories is set "
+"to TRUE in the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:152 sss_usermod.8.xml:124
+msgid ""
+"<option>-Z</option>,<option>--selinux-user</option> "
+"<replaceable>SELINUX_USER</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:157
+msgid ""
+"The SELinux user for the user's login. If not specified, the system default "
+"will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:169
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16
+msgid "sssd-krb5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:23
+msgid ""
+"This manual page describes the configuration of the Kerberos 5 "
+"authentication backend for <citerefentry> "
+"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, please refer to the "
+"<quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:36
+msgid ""
+"The Kerberos 5 authentication backend contains auth and chpass providers. It"
+" must be paired with identity provider in order to function properly (for "
+"example, id_provider = ldap). Some information required by the Kerberos 5 "
+"authentication backend must be provided by the identity provider, such as "
+"the user's Kerberos Principal Name (UPN). The configuration of the identity "
+"provider should have an entry to specify the UPN. Please refer to the man "
+"page for the applicable identity provider for details on how to configure "
+"this."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:47
+msgid ""
+"This backend also provides access control based on the .k5login file in the "
+"home directory of the user. See <citerefentry> "
+"<refentrytitle>.k5login</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry> for more details. Please note that an empty .k5login file "
+"will deny all access to this user. To activate this feature use "
+"'access_provider = krb5' in your sssd configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:55
+msgid ""
+"In the case where the UPN is not available in the identity backend "
+"<command>sssd</command> will construct a UPN using the format "
+"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:106
+msgid ""
+"The name of the Kerberos realm. This option is required and must be "
+"specified."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:113
+msgid "krb5_kpasswd (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:116
+msgid ""
+"If the change password service is not running on the KDC alternative servers"
+" can be defined here. An optional port number (preceded by a colon) may be "
+"appended to the addresses or hostnames."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:122
+msgid ""
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. Please note that even if there are no more"
+" kpasswd servers to try the back end is not switch to offline if "
+"authentication against the KDC is still possible."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:129
+msgid "Default: Use the KDC"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:135
+msgid "krb5_ccachedir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:138
+msgid ""
+"Directory to store credential caches. All the substitution sequences of "
+"krb5_ccname_template can be used here, too, except %d and %P. If the "
+"directory does not exist it will be created. If %u, %U, %p or %h are used a "
+"private directory belonging to the user is created. Otherwise a public "
+"directory with restricted deletion flag (aka sticky bit, see <citerefentry> "
+"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
+"</citerefentry> for details) is created."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:151
+msgid "Default: /tmp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:157
+msgid "krb5_ccname_template (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:171
+msgid "login UID"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:174
+msgid "%p"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:175
+msgid "principal name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:179
+msgid "%r"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:180
+msgid "realm name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:183
+msgid "%h"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:184
+msgid "home directory"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:189
+msgid "value of krb5ccache_dir"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:194
+msgid "%P"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:195
+msgid "the process ID of the sssd client"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:160
+msgid ""
+"Location of the user's credential cache. Currently only file based "
+"credential caches are supported. In the template the following sequences are"
+" substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template "
+"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe "
+"way."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:209
+msgid "Default: FILE:%d/krb5cc_%U_XXXXXX"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:215
+msgid "krb5_auth_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:218
+msgid ""
+"Timeout in seconds after an online authentication or change password request"
+" is aborted. If possible the authentication request is continued offline."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:241
+msgid "krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:244
+msgid ""
+"The location of the keytab to use when validating credentials obtained from "
+"KDCs."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:248
+msgid "Default: /etc/krb5.keytab"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:254
+msgid "krb5_store_password_if_offline (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:257
+msgid ""
+"Store the password of the user if the provider is offline and use it to "
+"request a TGT when the provider gets online again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:262
+msgid ""
+"Please note that this feature currently only available on a Linux platform. "
+"Passwords stored in this way are kept in plaintext in the kernel keyring and"
+" are potentially accessible by the root user (with difficulty)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:275
+msgid "krb5_renewable_lifetime (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:278
+msgid ""
+"Request a renewable ticket with a total lifetime given by an integer "
+"immediately followed by one of the following delimiters:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319
+msgid "<emphasis>s</emphasis> seconds"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322
+msgid "<emphasis>m</emphasis> minutes"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325
+msgid "<emphasis>h</emphasis> hours"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328
+msgid "<emphasis>d</emphasis> days."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331
+msgid "If there is no delimiter <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:299
+msgid ""
+"Please note that it is not possible to mix units. If you want to set the "
+"renewable lifetime to one and a half hours please use '90m' instead of "
+"'1h30m'."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:305
+msgid "Default: not set, i.e. the TGT is not renewable"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:311
+msgid "krb5_lifetime (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:314
+msgid ""
+"Request ticket with a with a lifetime given by an integer immediately "
+"followed by one of the following delimiters:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:335
+msgid ""
+"Please note that it is not possible to mix units. If you want to set the "
+"lifetime to one and a half hours please use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:340
+msgid ""
+"Default: not set, i.e. the default ticket lifetime configured on the KDC."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:347
+msgid "krb5_renew_interval (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:350
+msgid ""
+"The time in seconds between two checks if the TGT should be renewed. TGTs "
+"are renewed if about half of their lifetime is exceeded."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:355
+msgid "If this option is not set or 0 the automatic renewal is disabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:365
+msgid "krb5_use_fast (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:368
+msgid ""
+"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
+"authentication. The following options are supported:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:373
+msgid ""
+"<emphasis>never</emphasis> use FAST, this is equivalent to not set this "
+"option at all."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:377
+msgid ""
+"<emphasis>try</emphasis> to use FAST, if the server does not support fast "
+"continue without."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:381
+msgid ""
+"<emphasis>demand</emphasis> to use FAST, fail if the server does not require"
+" fast."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:385
+msgid "Default: not set, i.e. FAST is not used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:388
+msgid "Please note that a keytab is required to use fast."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:391
+msgid ""
+"Please note also that sssd supports fast only with MIT Kerberos version 1.8 "
+"and above. If sssd used used with an older version using this option is a "
+"configuration error."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:400
+msgid "krb5_fast_principal (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:403
+msgid "Specifies the server principal to use for FAST."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:412
+msgid ""
+"Specifies if the host and user pricipal should be canonicalized. This "
+"feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:65
+msgid ""
+"If the auth-module krb5 is used in a SSSD domain, the following options must"
+" be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN "
+"SECTIONS</quote> for details on the configuration of a SSSD domain. "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:434
+msgid ""
+"The following example assumes that SSSD is correctly configured and FOO is "
+"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
+"example shows only configuration of Kerberos authentication, it does not "
+"include any identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-krb5.5.xml:442
+#, no-wrap
+msgid ""
+" [domain/FOO]\n"
+" auth_provider = krb5\n"
+" krb5_server = 192.168.1.1\n"
+" krb5_realm = EXAMPLE.COM\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:453
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15
+msgid "sss_groupadd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupadd.8.xml:16
+msgid "create a new group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupadd.8.xml:21
+msgid ""
+"<command>sss_groupadd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:32
+msgid ""
+"<command>sss_groupadd</command> creates a new group. These groups are "
+"compatible with POSIX groups, with the additional feature that they can "
+"contain other groups as members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupadd.8.xml:43
+msgid ""
+"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupadd.8.xml:48
+msgid ""
+"Set the GID of the group to the value of <replaceable>GID</replaceable>. If"
+" not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:60
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
+msgid "sss_userdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_userdel.8.xml:16
+msgid "delete a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_userdel.8.xml:21
+msgid ""
+"<command>sss_userdel</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:32
+msgid ""
+"<command>sss_userdel</command> deletes a user identified by login name "
+"<replaceable>LOGIN</replaceable> from the system."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:44
+msgid "<option>-r</option>,<option>--remove</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:48
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:56
+msgid "<option>-R</option>,<option>--no-remove</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:60
+msgid ""
+"Files in the user's home directory will NOT be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:68
+msgid "<option>-f</option>,<option>--force</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:72
+msgid ""
+"This option forces <command>sss_userdel</command> to remove the user's home "
+"directory and mail spool, even if they are not owned by the specified user."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:80
+msgid "<option>-k</option>,<option>--kick</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:84
+msgid "Before actually deleting the user, terminate all his processes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:95
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15
+msgid "sss_groupdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupdel.8.xml:16
+msgid "delete a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupdel.8.xml:21
+msgid ""
+"<command>sss_groupdel</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:32
+msgid ""
+"<command>sss_groupdel</command> deletes a group identified by its name "
+"<replaceable>GROUP</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:48
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
+msgid "sss_groupshow"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupshow.8.xml:16
+msgid "print properties of a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupshow.8.xml:21
+msgid ""
+"<command>sss_groupshow</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:32
+msgid ""
+"<command>sss_groupshow</command> displays information about a group "
+"identified by its name <replaceable>GROUP</replaceable>. The information "
+"includes the group ID number, members of the group and the parent group."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupshow.8.xml:43
+msgid "<option>-R</option>,<option>--recursive</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupshow.8.xml:47
+msgid ""
+"Also print indirect group members in a tree-like hierarchy. Note that this "
+"also affects printing parent groups - without <option>R</option>, only the "
+"direct parent will be printed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:60
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
+msgid "sss_usermod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_usermod.8.xml:16
+msgid "modify a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_usermod.8.xml:21
+msgid ""
+"<command>sss_usermod</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:32
+msgid ""
+"<command>sss_usermod</command> modifies the account specified by "
+"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
+"on the command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:60
+msgid "The home directory of the user account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:71
+msgid "The user's login shell."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:82
+msgid ""
+"Append this user to groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter. The "
+"<replaceable>GROUPS</replaceable> parameter is a comma separated list of "
+"group names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:96
+msgid ""
+"Remove this user from groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:103
+msgid "<option>-l</option>,<option>--lock</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:107
+msgid "Lock the user account. The user won't be able to log in."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:114
+msgid "<option>-u</option>,<option>--unlock</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:118
+msgid "Unlock the user account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:129
+msgid "The SELinux user for the user's login."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:140
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/service_discovery.xml:2
+msgid "SERVICE DISCOVERY"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/service_discovery.xml:4
+msgid ""
+"The service discovery feature allows back ends to automatically find the "
+"appropriate servers to connect to using a special DNS query."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:9
+msgid "Configuration"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:11
+msgid ""
+"If no servers are specified, the back end automatically uses service "
+"discovery to try to find a server. Optionally, the user may choose to use "
+"both fixed server addresses and service discovery by inserting a special "
+"keyword, <quote>_srv_</quote>, in the list of servers. The order of "
+"preference is maintained. This feature is useful if, for example, the user "
+"prefers to use service discovery whenever possible, and fall back to a "
+"specific server when no servers can be discovered using DNS."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:23
+msgid "The domain name"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:25
+msgid ""
+"Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:35
+msgid "The protocol"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:37
+msgid ""
+"The queries usually specify _tcp as the protocol. Exceptions are documented "
+"in respective option description."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:42
+msgid "See Also"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:44
+msgid ""
+"For more information on the service discovery mechanism, refer to RFC 2782."
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/upstream.xml:1
+msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/failover.xml:2
+msgid "FAILOVER"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/failover.xml:4
+msgid ""
+"The failover feature allows back ends to automatically switch to a different"
+" server if the primary server fails."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:8
+msgid "Failover Syntax"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:10
+msgid ""
+"The list of servers is given as a comma-separated list; any number of spaces"
+" is allowed around the comma. The servers are listed in order of preference."
+" The list can contain any number of servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:17
+msgid "The Failover Mechanism"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:19
+msgid ""
+"The failover mechanism distinguishes between a machine and a service. The "
+"back end first tries to resolve the hostname of a given machine; if this "
+"resolution attempt fails, the machine is considered offline. No further "
+"attempts are made to connect to this machine for any other service. If the "
+"resolution attempt succeeds, the back end tries to connect to a service on "
+"this machine. If the service connection attempt fails, then only this "
+"particular service is considered offline and the back end automatically "
+"switches over to the next service. The machine is still considered online "
+"and might still be tried for another service."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:32
+msgid ""
+"Further connection attempts are made to machines or services marked as "
+"offline after a specified period of time; this is currently hard coded to 30"
+" seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:37
+msgid ""
+"If there are no more machines to try, the back end as a whole switches to "
+"offline mode, and then attempts to reconnect every 30 seconds."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help.xml:3
+msgid "<option>-h</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/param_help.xml:7
+msgid "Display help message and exit."
+msgstr ""
+
+
diff --git a/src/man/po/bn.po b/src/man/po/bn.po
index f762124f..cab4308c 100644
--- a/src/man/po/bn.po
+++ b/src/man/po/bn.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Bengali <info@ankur.org.bd>\n"
diff --git a/src/man/po/bn_IN.po b/src/man/po/bn_IN.po
index 5d072b30..bd54c24a 100644
--- a/src/man/po/bn_IN.po
+++ b/src/man/po/bn_IN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Bengali (India) <anubad@lists.ankur.org.in>\n"
diff --git a/src/man/po/cs_CZ.po b/src/man/po/cs_CZ.po
index 7ae1e8ba..02c12fbc 100644
--- a/src/man/po/cs_CZ.po
+++ b/src/man/po/cs_CZ.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/da.po b/src/man/po/da.po
index 85d97a29..df02461d 100644
--- a/src/man/po/da.po
+++ b/src/man/po/da.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Danish <dansk@dansk-gruppen.dk>\n"
diff --git a/src/man/po/de_CH.po b/src/man/po/de_CH.po
index 91a2d00e..794681d9 100644
--- a/src/man/po/de_CH.po
+++ b/src/man/po/de_CH.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/el.po b/src/man/po/el.po
index c169fd8a..e21be533 100644
--- a/src/man/po/el.po
+++ b/src/man/po/el.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Greek <trans-el@lists.fedoraproject.org>\n"
diff --git a/src/man/po/et.po b/src/man/po/et.po
index 701e1aec..7edb09a1 100644
--- a/src/man/po/et.po
+++ b/src/man/po/et.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Estonian (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/fa_IR.po b/src/man/po/fa_IR.po
index 6ecfbe45..3f483e5f 100644
--- a/src/man/po/fa_IR.po
+++ b/src/man/po/fa_IR.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/fi.po b/src/man/po/fi.po
index c23b7084..4a127c56 100644
--- a/src/man/po/fi.po
+++ b/src/man/po/fi.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Finnish (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/gu.po b/src/man/po/gu.po
index 5f131cea..b4b042ce 100644
--- a/src/man/po/gu.po
+++ b/src/man/po/gu.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Gujarati <trans-gu@lists.fedoraproject.org>\n"
diff --git a/src/man/po/hi.po b/src/man/po/hi.po
index f7f106cc..d04daa77 100644
--- a/src/man/po/hi.po
+++ b/src/man/po/hi.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Hindi <indlinux-hindi@lists.sourceforge.net>\n"
diff --git a/src/man/po/hu.po b/src/man/po/hu.po
index 92c3adad..b02cd569 100644
--- a/src/man/po/hu.po
+++ b/src/man/po/hu.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Hungarian <trans-hu@lists.fedoraproject.org>\n"
diff --git a/src/man/po/is.po b/src/man/po/is.po
index b8a94710..07fedcd3 100644
--- a/src/man/po/is.po
+++ b/src/man/po/is.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Icelandic (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/ja_JP.po b/src/man/po/ja_JP.po
index 72b5a6b6..2d43cee9 100644
--- a/src/man/po/ja_JP.po
+++ b/src/man/po/ja_JP.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/kn.po b/src/man/po/kn.po
index 6945c206..378e77c1 100644
--- a/src/man/po/kn.po
+++ b/src/man/po/kn.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Kannada (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/ko.po b/src/man/po/ko.po
index 3c9910b3..4c4a70af 100644
--- a/src/man/po/ko.po
+++ b/src/man/po/ko.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Korean (http://www.transifex.net/projects/p/fedora/team/ko/)\n"
diff --git a/src/man/po/lt.po b/src/man/po/lt.po
index bf09c86c..c2698283 100644
--- a/src/man/po/lt.po
+++ b/src/man/po/lt.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Lithuanian (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/lt_LT.po b/src/man/po/lt_LT.po
index 4cce30ff..c73186f2 100644
--- a/src/man/po/lt_LT.po
+++ b/src/man/po/lt_LT.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/mai.po b/src/man/po/mai.po
index bb9218a8..fbae29ff 100644
--- a/src/man/po/mai.po
+++ b/src/man/po/mai.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Maithili (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/ml.po b/src/man/po/ml.po
index 988b7e91..01b25c9c 100644
--- a/src/man/po/ml.po
+++ b/src/man/po/ml.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Malayalam <discuss@lists.smc.org.in>\n"
diff --git a/src/man/po/mr.po b/src/man/po/mr.po
index 824d624d..bc438ce5 100644
--- a/src/man/po/mr.po
+++ b/src/man/po/mr.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Marathi (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/nds.po b/src/man/po/nds.po
index e77f100a..74974c06 100644
--- a/src/man/po/nds.po
+++ b/src/man/po/nds.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Low German <nds-lowgerman@lists.sourceforge.net>\n"
diff --git a/src/man/po/nn.po b/src/man/po/nn.po
index 4f861853..5444e686 100644
--- a/src/man/po/nn.po
+++ b/src/man/po/nn.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Norwegian Nynorsk <i18n-nn@lister.ping.uio.no>\n"
diff --git a/src/man/po/or.po b/src/man/po/or.po
index 170410a8..6f388576 100644
--- a/src/man/po/or.po
+++ b/src/man/po/or.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Oriya (http://www.transifex.net/projects/p/fedora/team/or/)\n"
diff --git a/src/man/po/pa.po b/src/man/po/pa.po
index f6b0293e..00c6d1c7 100644
--- a/src/man/po/pa.po
+++ b/src/man/po/pa.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Panjabi (Punjabi) <punjabi-users@lists.sf.net>\n"
diff --git a/src/man/po/ro.po b/src/man/po/ro.po
index 7bf97571..c17d23d7 100644
--- a/src/man/po/ro.po
+++ b/src/man/po/ro.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Romanian (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/sl.po b/src/man/po/sl.po
index 6b008bdf..5421f9eb 100644
--- a/src/man/po/sl.po
+++ b/src/man/po/sl.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/sq.po b/src/man/po/sq.po
index 03c86965..603bd5e3 100644
--- a/src/man/po/sq.po
+++ b/src/man/po/sq.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Albanian (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/sr.po b/src/man/po/sr.po
index 85fcb566..494735bf 100644
--- a/src/man/po/sr.po
+++ b/src/man/po/sr.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Serbian <trans-sr@lists.fedoraproject.org>\n"
diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot
index b7eb741d..92b0397b 100644
--- a/src/man/po/sssd-docs.pot
+++ b/src/man/po/sssd-docs.pot
@@ -6,9 +6,9 @@
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: sssd-docs 1.5.15\n"
+"Project-Id-Version: sssd-docs 1.5.16\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:15-0500\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/sv.po b/src/man/po/sv.po
index 520ec2d6..222faf0b 100644
--- a/src/man/po/sv.po
+++ b/src/man/po/sv.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Swedish (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/ta.po b/src/man/po/ta.po
index cd84cecb..0789399d 100644
--- a/src/man/po/ta.po
+++ b/src/man/po/ta.po
@@ -2,12 +2,13 @@
# Copyright (C) YEAR Red Hat
# This file is distributed under the same license as the sssd-docs package.
#
+# Translators:
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-10-18 13:34-0300\n"
-"PO-Revision-Date: 2011-08-05 11:39+0000\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
+"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Tamil <tamil-users@lists.fedoraproject.org>\n"
"Language: ta\n"
diff --git a/src/man/po/ta_IN.po b/src/man/po/ta_IN.po
index 0c2e353b..0bdf7cbd 100644
--- a/src/man/po/ta_IN.po
+++ b/src/man/po/ta_IN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/te.po b/src/man/po/te.po
index bb31ea53..a616cab9 100644
--- a/src/man/po/te.po
+++ b/src/man/po/te.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Telugu (http://www.transifex.net/projects/p/fedora/team/te/)\n"
diff --git a/src/man/po/tg.po b/src/man/po/tg.po
new file mode 100644
index 00000000..58ea68ad
--- /dev/null
+++ b/src/man/po/tg.po
@@ -0,0 +1,6017 @@
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Red Hat
+# This file is distributed under the same license as the sssd-docs package.
+#
+# Translators:
+msgid ""
+msgstr ""
+"Project-Id-Version: SSSD\n"
+"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
+"POT-Creation-Date: 2011-11-02 16:02-0300\n"
+"PO-Revision-Date: 2011-12-09 09:58+0000\n"
+"Last-Translator: tajikfedora <victor.ibragimov@gmail.com>\n"
+"Language-Team: Tajik (http://www.transifex.net/projects/p/fedora/team/tg/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: tg\n"
+"Plural-Forms: nplurals=2; plural=(n != 1)\n"
+
+#. type: Content of: <reference><title>
+#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
+#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5
+#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5
+#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5
+#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5
+msgid "SSSD Manual pages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
+msgid "sss_groupmod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11
+#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11
+#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11
+#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11
+msgid "8"
+msgstr "8"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupmod.8.xml:16
+msgid "modify a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupmod.8.xml:21
+msgid ""
+"<command>sss_groupmod</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44
+#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21
+#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30
+#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30
+#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30
+msgid "DESCRIPTION"
+msgstr "ШАРҲ"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:32
+msgid ""
+"<command>sss_groupmod</command> modifies the group to reflect the changes "
+"that are specified on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
+#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39
+#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39
+msgid "OPTIONS"
+msgstr "ИМКОНОТҲО"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77
+msgid ""
+"<option>-a</option>,<option>--append-group</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:48
+msgid ""
+"Append this group to groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter. The "
+"<replaceable>GROUPS</replaceable> parameter is a comma separated list of "
+"group names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91
+msgid ""
+"<option>-r</option>,<option>--remove-group</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:62
+msgid ""
+"Remove this group from groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1132 sssd-ldap.5.xml:1640
+#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143
+#: sssd-ipa.5.xml:265 sssd.8.xml:181 sss_obfuscate.8.xml:103
+#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58
+#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58
+#: sss_usermod.8.xml:138
+msgid "SEE ALSO"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:74
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.conf.5.xml:10 sssd.conf.5.xml:16
+msgid "sssd.conf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
+#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11
+msgid "5"
+msgstr "5"
+
+#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
+#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
+#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12
+msgid "File Formats and Conventions"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
+#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17
+msgid "the configuration file for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:21
+msgid "FILE FORMAT"
+msgstr "Формати файл"
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:29
+#, no-wrap
+msgid ""
+" <replaceable>[section]</replaceable>\n"
+" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
+" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:24
+msgid ""
+"The file has an ini-style syntax and consists of sections and parameters. A "
+"section begins with the name of the section in square brackets and continues"
+" until the next section begins. An example of section with single and multi-"
+"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:36
+msgid ""
+"The data types used are string (no quotes needed), integer and bool (with "
+"values of <quote>TRUE/FALSE</quote>)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:41
+msgid ""
+"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
+"(<quote>;</quote>)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:46
+msgid ""
+"All sections can have an optional <replaceable>description</replaceable> "
+"parameter. Its function is only as a label for the section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:52
+msgid ""
+"<filename>sssd.conf</filename> must be a regular file, owned by root and "
+"only root may read from or write to the file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:58
+msgid "SPECIAL SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:61
+msgid "The [sssd] section"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><title>
+#: sssd.conf.5.xml:70 sssd.conf.5.xml:978
+msgid "Section parameters"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:72
+msgid "config_file_version (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:75
+msgid ""
+"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
+"version 2."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:81
+msgid "services"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:84
+msgid ""
+"Comma separated list of services that are started when sssd itself starts."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:88
+msgid "Supported services: nss, pam"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:93 sssd.conf.5.xml:256
+msgid "reconnection_retries (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:96 sssd.conf.5.xml:259
+msgid ""
+"Number of times services should attempt to reconnect in the event of a Data "
+"Provider crash or restart before they give up"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:264
+msgid "Default: 3"
+msgstr "Пешфарз: 3"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:106
+msgid "domains"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:109
+msgid ""
+"A domain is a database containing user information. SSSD can use more "
+"domains at the same time, but at least one must be configured or SSSD won't "
+"start. This parameter described the list of domains in the order you want "
+"them to be queried."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:119
+msgid "re_expression (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:122
+msgid ""
+"Regular expression that describes how to parse the string containing user "
+"name and domain into these components."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:126
+msgid ""
+"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
+"which translates to \"the name is everything up to the <quote>@</quote> "
+"sign, the domain everything after that\""
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:131
+msgid ""
+"PLEASE NOTE: the support for non-unique named subpatterns is not available "
+"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
+"version 7 or higher can support non-unique named subpatterns."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:138
+msgid ""
+"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax "
+"(?P&lt;name&gt;) to label subpatterns."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:145
+msgid "full_name_format (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:148
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> "
+"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
+"how to translate a (name, domain) tuple into a fully qualified name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:156
+msgid "Default: <quote>%1$s@%2$s</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161
+msgid "try_inotify (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164
+msgid ""
+"SSSD monitors the state of resolv.conf to identify when it needs to update "
+"its internal DNS resolver. By default, we will attempt to use inotify for "
+"this, and will fall back to polling resolv.conf every five seconds if "
+"inotify cannot be used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:172
+msgid ""
+"There are some limited situations where it is preferred that we should skip "
+"even trying to use inotify. In these rare cases, this option should be set "
+"to 'false'"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:178
+msgid ""
+"Default: true on platforms where inotify is supported. False on other "
+"platforms."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:182
+msgid ""
+"Note: this option will have no effect on platforms where inotify is "
+"unavailable. On these platforms, polling will always be used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:189
+msgid "krb5_rcache_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:192
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:196
+msgid ""
+"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
+"SSSD to let libkrb5 decide the appropriate location for the replay cache."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:202
+msgid ""
+"Default: Distribution-specific and specified at build-time. "
+"(__LIBKRB5_DEFAULTS__ if not configured)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:63
+msgid ""
+"Individual pieces of SSSD functionality are provided by special SSSD "
+"services that are started and stopped together with SSSD. The services are "
+"managed by a special service frequently called <quote>monitor</quote>. The "
+"<quote>[sssd]</quote> section is used to configure the monitor as well as "
+"some other important options like the identity domains. <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:215
+msgid "SERVICES SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:217
+msgid ""
+"Settings that can be used to configure different services are described in "
+"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
+"section, for example, for NSS service, the section would be "
+"<quote>[nss]</quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:224
+msgid "General service configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:226
+msgid "These options can be used to configure any service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:230
+msgid "debug_level (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:234
+msgid "debug_timestamps (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:237
+msgid "Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:240 sssd.conf.5.xml:375 sssd-ldap.5.xml:1178
+#: sssd-ldap.5.xml:1298 sssd-ipa.5.xml:155 sssd-ipa.5.xml:190
+msgid "Default: true"
+msgstr "Пешфарз: true"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:245
+msgid "debug_microseconds (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:248
+msgid "Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:251 sssd-ldap.5.xml:592 sssd-ldap.5.xml:1110
+#: sssd-ldap.5.xml:1247 sssd-ipa.5.xml:115 sssd-krb5.5.xml:235
+#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418
+msgid "Default: false"
+msgstr "Пешфарз: false"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:269
+msgid "command (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:272
+msgid ""
+"By default, the executable representing this service is called "
+"<command>sssd_${service_name}</command>. This directive allows to change "
+"the executable name for the service. In the vast majority of configurations,"
+" the default values should suffice."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:280
+msgid "Default: <command>sssd_${service_name}</command>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:288
+msgid "NSS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:290
+msgid ""
+"These options can be used to configure the Name Service Switch (NSS) "
+"service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:295
+msgid "enum_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:298
+msgid ""
+"How many seconds should nss_sss cache enumerations (requests for info about "
+"all users)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:302
+msgid "Default: 120"
+msgstr "Пешфарз: 120"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:307
+msgid "entry_cache_nowait_percentage (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:310
+msgid ""
+"The entry cache can be set to automatically update entries in the background"
+" if they are requested beyond a percentage of the entry_cache_timeout value "
+"for the domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:316
+msgid ""
+"For example, if the domain's entry_cache_timeout is set to 30s and "
+"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
+"after 15 seconds past the last cache update will be returned immediately, "
+"but the SSSD will go and update the cache on its own, so that future "
+"requests will not need to block waiting for a cache update."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:326
+msgid ""
+"Valid values for this option are 0-99 and represent a percentage of the "
+"entry_cache_timeout for each domain. For performance reasons, this "
+"percentage will never reduce the nowait timeout to less than 10 seconds. (0"
+" disables this feature)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:334
+msgid "Default: 50"
+msgstr "Пешфарз: 50"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:339
+msgid "entry_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:342
+msgid ""
+"Specifies for how many seconds nss_sss should cache negative cache hits "
+"(that is, queries for invalid database entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:348 sssd-krb5.5.xml:223
+msgid "Default: 15"
+msgstr "Пешфарз: 15"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:353
+msgid "filter_users, filter_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:356
+msgid ""
+"Exclude certain users from being fetched from the sss NSS database. This is "
+"particularly useful for system accounts. This option can also be set per-"
+"domain or include fully-qualified names to filter only users from the "
+"particular domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:363
+msgid "Default: root"
+msgstr "Пешфарз: root"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:368
+msgid "filter_users_in_groups (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:371
+msgid ""
+"If you want filtered user still be group members set this option to false."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:380
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:389 sssd-krb5.5.xml:166
+msgid "%u"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:390 sssd-krb5.5.xml:167
+msgid "login name"
+msgstr "Номи логин"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:393 sssd-krb5.5.xml:170
+msgid "%U"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:394
+msgid "UID number"
+msgstr "Рақами UID"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:397 sssd-krb5.5.xml:188
+msgid "%d"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:398
+msgid "domain name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:401
+msgid "%f"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:402
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:405 sssd-krb5.5.xml:200
+msgid "%%"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:406 sssd-krb5.5.xml:201
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:383
+msgid ""
+"Override the user's home directory. You can either provide an absolute value"
+" or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:412
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:417
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:420
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:423
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:427
+msgid ""
+"2. If the shell is in the allowed_shells list but not in "
+"<quote>/etc/shells</quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:432
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in "
+"<quote>/etc/shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:437
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:440
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:444
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:449
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:452
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:457
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:460
+msgid ""
+"The default shell to use if an allowed shell is not installed on the "
+"machine."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:464
+msgid "Default: /bin/sh"
+msgstr "Пешфарз: /bin/sh"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:471
+msgid "PAM configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:473
+msgid ""
+"These options can be used to configure the Pluggable Authentication Module "
+"(PAM) service."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:478
+msgid "offline_credentials_expiration (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:481
+msgid ""
+"If the authentication provider is offline, how long should we allow cached "
+"logins (in days since the last successful online login)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:486 sssd.conf.5.xml:499
+msgid "Default: 0 (No limit)"
+msgstr "Пешфарз: 0 (Номаҳдуд)"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:492
+msgid "offline_failed_login_attempts (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:495
+msgid ""
+"If the authentication provider is offline, how many failed login attempts "
+"are allowed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:505
+msgid "offline_failed_login_delay (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:508
+msgid ""
+"The time in minutes which has to pass after offline_failed_login_attempts "
+"has been reached before a new login attempt is possible."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:513
+msgid ""
+"If set to 0 the user cannot authenticate offline if "
+"offline_failed_login_attempts has been reached. Only a successful online "
+"authentication can enable enable offline authentication again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:519 sssd.conf.5.xml:572 sssd.conf.5.xml:908
+msgid "Default: 5"
+msgstr "Пешфарз: 5"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:525
+msgid "pam_verbosity (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:528
+msgid ""
+"Controls what kind of messages are shown to the user during authentication. "
+"The higher the number to more messages are displayed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:533
+msgid "Currently sssd supports the following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:536
+msgid "<emphasis>0</emphasis>: do not show any message"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:539
+msgid "<emphasis>1</emphasis>: show only important messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:543
+msgid "<emphasis>2</emphasis>: show informational messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:546
+msgid "<emphasis>3</emphasis>: show all messages and debug information"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:550 sssd.8.xml:63
+msgid "Default: 1"
+msgstr "Пешфарз: 1"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:555
+msgid "pam_id_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:558
+msgid ""
+"For any PAM request while SSSD is online, the SSSD will attempt to "
+"immediately update the cached identity information for the user in order to "
+"ensure that authentication takes place with the latest information."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:564
+msgid ""
+"A complete PAM conversation may perform multiple PAM requests, such as "
+"account management and session opening. This option controls (on a per-"
+"client-application basis) how long (in seconds) we can cache the identity "
+"information to avoid excessive round-trips to the identity provider."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:578
+msgid "pam_pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:581
+msgid "Display a warning N days before the password expires."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:584
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:590
+msgid "Default: 7"
+msgstr "Пешфарз: 7"
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:599
+msgid "DOMAIN SECTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:606
+msgid "min_id,max_id (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:609
+msgid ""
+"UID and GID limits for the domain. If a domain contains an entry that is "
+"outside these limits, it is ignored."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:614
+msgid ""
+"For users, this affects the primary GID limit. The user will not be returned"
+" to NSS if either the UID or the primary GID is outside the range. For non-"
+"primary group memberships, those that are in range will be reported as "
+"expected."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:621
+msgid "Default: 1 for min_id, 0 (no limit) for max_id"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:627
+msgid "timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:630
+msgid ""
+"Timeout in seconds between heartbeats for this domain. This is used to "
+"ensure that the backend process is alive and capable of answering requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:635 sssd-ldap.5.xml:981
+msgid "Default: 10"
+msgstr "Пешфарз: 10"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:641
+msgid "enumerate (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:644
+msgid ""
+"Determines if a domain can be enumerated. This parameter can have one of the"
+" following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:648
+msgid "TRUE = Users and groups are enumerated"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:651
+msgid "FALSE = No enumerations for this domain"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:654 sssd.conf.5.xml:706 sssd.conf.5.xml:760
+msgid "Default: FALSE"
+msgstr "Пешфарз: FALSE"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:657
+msgid ""
+"Note: Enabling enumeration has a moderate performance impact on SSSD while "
+"enumeration is running. It may take up to several minutes after SSSD startup"
+" to fully complete enumerations. During this time, individual requests for "
+"information will go directly to LDAP, though it may be slow, due to the "
+"heavy enumeration processing."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:667
+msgid ""
+"While the first enumeration is running, requests for the complete user or "
+"group lists may return no results until it completes."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:672
+msgid ""
+"Further, enabling enumeration may increase the time necessary to detect "
+"network disconnection, as longer timeouts are required to ensure that "
+"enumeration lookups are completed successfully. For more information, refer"
+" to the man pages for the specific id_provider in use."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:683
+msgid "entry_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:686
+msgid ""
+"How many seconds should nss_sss consider entries valid before asking the "
+"backend again"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:690
+msgid "Default: 5400"
+msgstr "Пешфарз: 5400"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:695
+msgid "cache_credentials (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:698
+msgid "Determines if user credentials are also cached in the local LDB cache"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:702
+msgid "User credentials are stored in a SHA512 hash, not in plaintext"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:711
+msgid "account_cache_expiration (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:714
+msgid ""
+"Number of days entries are left in cache after last successful login before "
+"being removed during a cleanup of the cache. 0 means keep forever. The "
+"value of this parameter must be greater than or equal to "
+"offline_credentials_expiration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:721
+msgid "Default: 0 (unlimited)"
+msgstr "Пешфарз: 0 (номаҳдуд)"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:727
+msgid "id_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:730
+msgid "The Data Provider identity backend to use for this domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:734
+msgid "Supported backends:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:737
+msgid "proxy: Support a legacy NSS provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:740
+msgid "local: SSSD internal local provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:743
+msgid "ldap: LDAP provider"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:749
+msgid "use_fully_qualified_names (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:752
+msgid ""
+"If set to TRUE, all requests to this domain must use fully qualified names. "
+"For example, if used in LOCAL domain that contains a \"test\" user, "
+"<command>getent passwd test</command> wouldn't find the user while "
+"<command>getent passwd test@LOCAL</command> would."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:765
+msgid "auth_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:768
+msgid ""
+"The authentication provider used for the domain. Supported auth providers "
+"are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:772
+msgid ""
+"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:779
+msgid ""
+"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:786
+msgid ""
+"<quote>proxy</quote> for relaying authentication to some other PAM target."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:789
+msgid "<quote>none</quote> disables authentication explicitly."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:792
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"authentication requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:798
+msgid "access_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:801
+msgid ""
+"The access control provider used for the domain. There are two built-in "
+"access providers (in addition to any included in installed backends) "
+"Internal special providers are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:807
+msgid "<quote>permit</quote> always allow access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:810
+msgid "<quote>deny</quote> always deny access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:813
+msgid ""
+"<quote>simple</quote> access control based on access or deny lists. See "
+"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> for more information on configuring "
+"the simple access module."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:820
+msgid "Default: <quote>permit</quote>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:825
+msgid "chpass_provider (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:828
+msgid ""
+"The provider which should handle change password operations for the domain."
+" Supported change password providers are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:833
+msgid ""
+"<quote>ipa</quote> to change a password stored in an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring"
+" IPA."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:841
+msgid ""
+"<quote>ldap</quote> to change a password stored in a LDAP server. See "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring"
+" LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:857
+msgid ""
+"<quote>proxy</quote> for relaying password changes to some other PAM target."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:861
+msgid "<quote>none</quote> disallows password changes explicitly."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:864
+msgid ""
+"Default: <quote>auth_provider</quote> is used if it is set and can handle "
+"change password requests."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:871
+msgid "lookup_family_order (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:874
+msgid ""
+"Provides the ability to select preferred address family to use when "
+"performing DNS lookups."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:878
+msgid "Supported values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:881
+msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:884
+msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:887
+msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:890
+msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:893
+msgid "Default: ipv4_first"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:899
+msgid "dns_resolver_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:902
+msgid ""
+"Defines the amount of time (in seconds) to wait for a reply from the DNS "
+"resolver before assuming that it is unreachable. If this timeout is reached,"
+" the domain will continue to operate in offline mode."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:914
+msgid "dns_discovery_domain (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:917
+msgid ""
+"If service discovery is used in the back end, specifies the domain part of "
+"the service discovery DNS query."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:921
+msgid "Default: Use the domain part of machine's hostname"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:927
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:930
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:601
+msgid ""
+"These configuration options can be present in a domain configuration "
+"section, that is, in a section called "
+"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:942
+msgid "proxy_pam_target (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:945
+msgid "The proxy target PAM proxies to."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:948
+msgid ""
+"Default: not set by default, you have to take an existing pam configuration "
+"or create a new one and add the service name here."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:956
+msgid "proxy_lib_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:959
+msgid ""
+"The name of the NSS library to use in proxy domains. The NSS functions "
+"searched for in the library are in the form of _nss_$(libName)_$(function), "
+"for example _nss_files_getpwent."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:938
+msgid ""
+"Options valid for proxy domains. <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:971
+msgid "The local domain section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:973
+msgid ""
+"This section contains settings for domain that stores users and groups in "
+"SSSD native database, that is, a domain that uses "
+"<replaceable>id_provider=local</replaceable>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:980
+msgid "default_shell (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:983
+msgid "The default shell for users created with SSSD userspace tools."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid "Default: <filename>/bin/bash</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:992
+msgid "base_directory (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:995
+msgid ""
+"The tools append the login name to <replaceable>base_directory</replaceable>"
+" and use that as the home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1000
+msgid "Default: <filename>/home</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1005
+msgid "create_homedir (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1008
+msgid ""
+"Indicate if a home directory should be created by default for new users. "
+"Can be overridden on command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1012 sssd.conf.5.xml:1024
+msgid "Default: TRUE"
+msgstr "Пешфарз: TRUE"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1017
+msgid "remove_homedir (bool)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1020
+msgid ""
+"Indicate if a home directory should be removed by default for deleted users."
+" Can be overridden on command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1029
+msgid "homedir_umask (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1032
+msgid ""
+"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
+"on a newly created home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1040
+msgid "Default: 077"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1045
+msgid "skel_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1048
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in"
+" the user's home directory, when the home directory is created by "
+"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1058
+msgid "Default: <filename>/etc/skel</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1063
+msgid "mail_dir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1066
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"default value is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1073
+msgid "Default: <filename>/var/mail</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1078
+msgid "userdel_cmd (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1081
+msgid ""
+"The command that is run after a user is removed. The command us passed the "
+"username of the user being removed as the first and only parameter. The "
+"return code of the command is not taken into account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1087
+msgid "Default: None, no command is run"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:1097 sssd-ldap.5.xml:1608 sssd-simple.5.xml:126
+#: sssd-ipa.5.xml:247 sssd-krb5.5.xml:432
+msgid "EXAMPLE"
+msgstr "НАМУНА"
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:1103
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"domains = LDAP\n"
+"services = nss, pam\n"
+"config_file_version = 2\n"
+"\n"
+"[nss]\n"
+"filter_groups = root\n"
+"filter_users = root\n"
+"\n"
+"[pam]\n"
+"\n"
+"[domain/LDAP]\n"
+"id_provider = ldap\n"
+"ldap_uri = ldap://ldap.example.com\n"
+"ldap_search_base = dc=example,dc=com\n"
+"\n"
+"auth_provider = krb5\n"
+"krb5_server = kerberos.example.com\n"
+"krb5_realm = EXAMPLE.COM\n"
+"cache_credentials = true\n"
+"\n"
+"min_id = 10000\n"
+"max_id = 20000\n"
+"enumerate = False\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1099
+msgid ""
+"The following example shows a typical SSSD config. It does not describe "
+"configuration of the domains themselves - refer to documentation on "
+"configuring domains for more details. <placeholder type=\"programlisting\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1134
+msgid ""
+"<citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16
+msgid "sssd-ldap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:23
+msgid ""
+"This manual page describes the configuration of LDAP domains for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax "
+"information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:35
+msgid "You can configure SSSD to use more than one LDAP domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:38
+msgid ""
+"LDAP back end supports id, auth, access and chpass providers. If you want to"
+" authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
+"<command>sssd</command> <emphasis>does not</emphasis> support authentication"
+" over an unencrypted channel. If the LDAP server is used only as an "
+"identity provider, an encrypted channel is not needed. Please refer to "
+"<quote>ldap_access_filter</quote> config option for more information about "
+"using LDAP as an access provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:61
+#: sssd-krb5.5.xml:63
+msgid "CONFIGURATION OPTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:60
+msgid "ldap_uri (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:63
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD"
+" should connect in the order of preference. Refer to the "
+"<quote>FAILOVER</quote> section for more information on failover and server "
+"redundancy. If not specified, service discovery is enabled. For more "
+"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:73
+msgid "ldap[s]://&lt;host&gt;[:port]"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:76
+msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD"
+" should connect in the order of preference to change the password of a user."
+" Refer to the <quote>FAILOVER</quote> section for more information on "
+"failover and server redundancy."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:95
+msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:99
+msgid "Default: empty, i.e. ldap_uri is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:105
+msgid "ldap_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:108
+msgid "The default base DN to use for performing LDAP user operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:112
+msgid ""
+"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
+"syntax:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:116
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:119
+msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:122
+msgid ""
+"The filter must be a valid LDAP search filter as specified by "
+"http://www.ietf.org/rfc/rfc2254.txt"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:126
+msgid "Examples:"
+msgstr "Намунаҳо:"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:129
+msgid ""
+"ldap_search_base = dc=example,dc=com (which is equivalent to) "
+"ldap_search_base = dc=example,dc=com?subtree?"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:134
+msgid ""
+"ldap_search_base = "
+"cn=host_specific,dc=example,dc=com?subtree?(host=thishost)?dc=example.com?subtree?"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:137
+msgid ""
+"Note: It is unsupported to have multiple search bases which reference "
+"identically-named objects (for example, groups with the same name in two "
+"different search bases). This will lead to unpredictable behavior on client "
+"machines."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:144
+msgid ""
+"Default: If not set, the value of the defaultNamingContext or namingContexts"
+" attribute from the RootDSE of the LDAP server is used. If "
+"defaultNamingContext does not exists or has an empty value namingContexts is"
+" used. The namingContexts attribute must have a single value with the DN of"
+" the search base of the LDAP server to make this work. Multiple values are "
+"are not supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:158
+msgid "ldap_schema (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:161
+msgid ""
+"Specifies the Schema Type in use on the target LDAP server. Depending on "
+"the selected schema, the default attribute names retrieved from the servers "
+"may vary. The way that some attributes are handled may also differ. Three "
+"schema types are currently supported: rfc2307 rfc2307bis IPA The main "
+"difference between these schema types is how group memberships are recorded "
+"in the server. With rfc2307, group members are listed by name in the "
+"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group "
+"members are listed by DN and stored in the <emphasis>member</emphasis> "
+"attribute."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:180
+msgid "Default: rfc2307"
+msgstr "Пешфарз: rfc2307"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:186
+msgid "ldap_default_bind_dn (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:189
+msgid "The default bind DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:196
+msgid "ldap_default_authtok_type (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:199
+msgid "The type of the authentication token of the default bind DN."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:203
+msgid "The two mechanisms currently supported are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:206
+msgid "password"
+msgstr "парол"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:209
+msgid "obfuscated_password"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:212
+msgid "Default: password"
+msgstr "Пешфарз: парол"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:218
+msgid "ldap_default_authtok (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:221
+msgid ""
+"The authentication token of the default bind DN. Only clear text passwords "
+"are currently supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:228
+msgid "ldap_user_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:231
+msgid "The object class of a user entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:234
+msgid "Default: posixAccount"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:240
+msgid "ldap_user_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:243
+msgid "The LDAP attribute that corresponds to the user's login name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:247
+msgid "Default: uid"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:253
+msgid "ldap_user_uid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:256
+msgid "The LDAP attribute that corresponds to the user's id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:260
+msgid "Default: uidNumber"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:266
+msgid "ldap_user_gid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:269
+msgid "The LDAP attribute that corresponds to the user's primary group id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:730
+msgid "Default: gidNumber"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:279
+msgid "ldap_user_gecos (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:282
+msgid "The LDAP attribute that corresponds to the user's gecos field."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:286
+msgid "Default: gecos"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:292
+msgid "ldap_user_home_directory (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:295
+msgid ""
+"The LDAP attribute that contains the name of the user's home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:299
+msgid "Default: homeDirectory"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:305
+msgid "ldap_user_shell (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:308
+msgid "The LDAP attribute that contains the path to the user's default shell."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:312
+msgid "Default: loginShell"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:318
+msgid "ldap_user_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:321
+msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:756 sssd-ldap.5.xml:849
+msgid "Default: nsUniqueId"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:331
+msgid "ldap_user_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:765 sssd-ldap.5.xml:858
+msgid ""
+"The LDAP attribute that contains timestamp of the last modification of the "
+"parent object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:769 sssd-ldap.5.xml:862
+msgid "Default: modifyTimestamp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:344
+msgid "ldap_user_shadow_last_change (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:347
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (date of the last password change)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:357
+msgid "Default: shadowLastChange"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:363
+msgid "ldap_user_shadow_min (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:366
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (minimum password age)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:375
+msgid "Default: shadowMin"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:381
+msgid "ldap_user_shadow_max (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:384
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (maximum password age)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:393
+msgid "Default: shadowMax"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:399
+msgid "ldap_user_shadow_warning (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:402
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (password warning period)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:412
+msgid "Default: shadowWarning"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:418
+msgid "ldap_user_shadow_inactive (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:421
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> counterpart (password inactivity period)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:431
+msgid "Default: shadowInactive"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:437
+msgid "ldap_user_shadow_expire (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:440
+msgid ""
+"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this"
+" parameter contains the name of an LDAP attribute corresponding to its "
+"<citerefentry> <refentrytitle>shadow</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> counterpart (account expiration "
+"date)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:450
+msgid "Default: shadowExpire"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:456
+msgid "ldap_user_krb_last_pwd_change (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:459
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of"
+" an LDAP attribute storing the date and time of last password change in "
+"kerberos."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:465
+msgid "Default: krbLastPwdChange"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:471
+msgid "ldap_user_krb_password_expiration (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:474
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of"
+" an LDAP attribute storing the date and time when current password expires."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:480
+msgid "Default: krbPasswordExpiration"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:486
+msgid "ldap_user_ad_account_expires (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:489
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the expiration time of the account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:494
+msgid "Default: accountExpires"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:500
+msgid "ldap_user_ad_user_account_control (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the user account control bit field."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:508
+msgid "Default: userAccountControl"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:514
+msgid "ldap_ns_account_lock (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:517
+msgid ""
+"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
+"determines if access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:522
+msgid "Default: nsAccountLock"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:528
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:531
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:541
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:544
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:555
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:558
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:563
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:569
+msgid "ldap_user_principal (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:572
+msgid ""
+"The LDAP attribute that contains the user's Kerberos User Principal Name "
+"(UPN)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:576
+msgid "Default: krbPrincipalName"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:582
+msgid "ldap_force_upper_case_realm (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:585
+msgid ""
+"Some directory servers, for example Active Directory, might deliver the "
+"realm part of the UPN in lower case, which might cause the authentication to"
+" fail. Set this option to a non-zero value if you want to use an upper-case "
+"realm."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:598
+msgid "ldap_enumeration_refresh_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:601
+msgid ""
+"The LDAP attribute that contains how many seconds SSSD has to wait before "
+"refreshing its cache of enumerated records."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:606
+msgid "Default: 300"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:612
+msgid "ldap_purge_cache_timeout"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:615
+msgid ""
+"Determine how often to check the cache for inactive entries (such as groups "
+"with no members and users who have never logged in) and remove them to save "
+"space."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:621
+msgid "Setting this option to zero will disable the cache cleanup operation."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:625
+msgid "Default: 10800 (12 hours)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:631
+msgid "ldap_user_fullname (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:634
+msgid "The LDAP attribute that corresponds to the user's full name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:638 sssd-ldap.5.xml:717 sssd-ldap.5.xml:810
+msgid "Default: cn"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:644
+msgid "ldap_user_member_of (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:647
+msgid "The LDAP attribute that lists the user's group memberships."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:651
+msgid "Default: memberOf"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:657
+msgid "ldap_user_authorized_service (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:660
+msgid ""
+"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
+"use the presence of the authorizedService attribute in the user's LDAP entry"
+" to determine access privilege."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:667
+msgid ""
+"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
+"explicit allow (svc) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:672
+msgid "Default: authorizedService"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:678
+msgid "ldap_user_authorized_host (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:681
+msgid ""
+"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
+"presence of the host attribute in the user's LDAP entry to determine access "
+"privilege."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:687
+msgid ""
+"An explicit deny (!host) is resolved first. Second, SSSD searches for "
+"explicit allow (host) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:692
+msgid "Default: host"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:698
+msgid "ldap_group_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:701
+msgid "The object class of a group entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:704
+msgid "Default: posixGroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:710
+msgid "ldap_group_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:713
+msgid "The LDAP attribute that corresponds to the group name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:723
+msgid "ldap_group_gid_number (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:726
+msgid "The LDAP attribute that corresponds to the group's id."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:736
+msgid "ldap_group_member (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:739
+msgid "The LDAP attribute that contains the names of the group's members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:743
+msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:749
+msgid "ldap_group_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:752
+msgid ""
+"The LDAP attribute that contains the UUID/GUID of an LDAP group object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:762
+msgid "ldap_group_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:775
+msgid "ldap_group_nesting_level (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:778
+msgid ""
+"If ldap_schema is set to a schema format that supports nested groups (e.g. "
+"RFC2307bis), then this option controls how many levels of nesting SSSD will "
+"follow. This option has no effect on the RFC2307 schema."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:785
+msgid "Default: 2"
+msgstr "Пешфарз: 2"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:791
+msgid "ldap_netgroup_object_class (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:794
+msgid "The object class of a netgroup entry in LDAP."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:797
+msgid "Default: nisNetgroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:803
+msgid "ldap_netgroup_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:806
+msgid "The LDAP attribute that corresponds to the netgroup name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:816
+msgid "ldap_netgroup_member (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:819
+msgid "The LDAP attribute that contains the names of the netgroup's members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:823
+msgid "Default: memberNisNetgroup"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:829
+msgid "ldap_netgroup_triple (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:832
+msgid ""
+"The LDAP attribute that contains the (host, user, domain) netgroup triples."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:836
+msgid "Default: nisNetgroupTriple"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:842
+msgid "ldap_netgroup_uuid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:845
+msgid ""
+"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:855
+msgid "ldap_netgroup_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:868
+msgid "ldap_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:871
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches are allowed to run "
+"before they are cancelled and cached results are returned (and offline mode "
+"is entered)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:877
+msgid ""
+"Note: this option is subject to change in future versions of the SSSD. It "
+"will likely be replaced at some point by a series of timeouts for specific "
+"lookup types."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:883 sssd-ldap.5.xml:925 sssd-ldap.5.xml:940
+msgid "Default: 6"
+msgstr "Пешфарз: 6"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:889
+msgid "ldap_enumeration_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:892
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches for user and group "
+"enumerations are allowed to run before they are cancelled and cached results"
+" are returned (and offline mode is entered)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:899
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:905
+msgid "ldap_network_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:908
+msgid ""
+"Specifies the timeout (in seconds) after which the <citerefentry> "
+"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> "
+"</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> "
+"<manvolnum>2</manvolnum> </citerefentry> following a <citerefentry> "
+"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> "
+"</citerefentry> returns in case of no activity."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:931
+msgid "ldap_opt_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:934
+msgid ""
+"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
+"will abort if no response is received. Also controls the timeout when "
+"communicating with the KDC in case of SASL bind."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:946
+msgid "ldap_page_size (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:949
+msgid ""
+"Specify the number of records to retrieve from LDAP in a single request. "
+"Some LDAP servers enforce a maximum limit per-request."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:954
+msgid "Default: 1000"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:960
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:963
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing,"
+" they are looked up individually."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:969
+msgid ""
+"You can turn off dereference lookups completely by setting the value to 0."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:973
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:987
+msgid "ldap_tls_reqcert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:990
+msgid ""
+"Specifies what checks to perform on server certificates in a TLS session, if"
+" any. It can be specified as one of the following values:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:996
+msgid ""
+"<emphasis>never</emphasis> = The client will not request or check any server"
+" certificate."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1000
+msgid ""
+"<emphasis>allow</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate"
+" is provided, it will be ignored and the session proceeds normally."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1007
+msgid ""
+"<emphasis>try</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate"
+" is provided, the session is immediately terminated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1013
+msgid ""
+"<emphasis>demand</emphasis> = The server certificate is requested. If no "
+"certificate is provided, or a bad certificate is provided, the session is "
+"immediately terminated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1019
+msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1023
+msgid "Default: hard"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1029
+msgid "ldap_tls_cacert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1032
+msgid ""
+"Specifies the file that contains certificates for all of the Certificate "
+"Authorities that <command>sssd</command> will recognize."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1037 sssd-ldap.5.xml:1055 sssd-ldap.5.xml:1096
+msgid ""
+"Default: use OpenLDAP defaults, typically in "
+"<filename>/etc/openldap/ldap.conf</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1044
+msgid "ldap_tls_cacertdir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1047
+msgid ""
+"Specifies the path of a directory that contains Certificate Authority "
+"certificates in separate individual files. Typically the file names need to "
+"be the hash of the certificate followed by '.0'. If available, "
+"<command>cacertdir_rehash</command> can be used to create the correct names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1062
+msgid "ldap_tls_cert (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1065
+msgid "Specifies the file that contains the certificate for the client's key."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1069 sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1567
+#: sssd-ldap.5.xml:1594 sssd-krb5.5.xml:359
+msgid "Default: not set"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1075
+msgid "ldap_tls_key (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1078
+msgid "Specifies the file that contains the client's key."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1087
+msgid "ldap_tls_cipher_suite (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1090
+msgid ""
+"Specifies acceptable cipher suites. Typically this is a colon sperated "
+"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> for format."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1103
+msgid "ldap_id_use_start_tls (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1106
+msgid ""
+"Specifies that the id_provider connection must also use <systemitem "
+"class=\"protocol\">tls</systemitem> to protect the channel."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1116
+msgid "ldap_sasl_mech (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1119
+msgid ""
+"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
+"supported."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1123 sssd-ldap.5.xml:1280
+msgid "Default: none"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1129
+msgid "ldap_sasl_authid (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1132
+msgid ""
+"Specify the SASL authorization id to use. When GSSAPI is used, this "
+"represents the Kerberos principal used for authentication to the directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1137
+msgid "Default: host/machine.fqdn@REALM"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1143
+msgid "ldap_sasl_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1146
+msgid ""
+"If set to true, the LDAP library would perform a reverse lookup to "
+"canonicalize the host name during a SASL bind."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1151
+msgid "Default: false;"
+msgstr "Пешфарз: false;"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1157
+msgid "ldap_krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1160
+msgid "Specify the keytab to use when using SASL/GSSAPI."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1163
+msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1169
+msgid "ldap_krb5_init_creds (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1172
+msgid ""
+"Specifies that the id_provider should init Kerberos credentials (TGT). This"
+" action is performed only if SASL is used and the mechanism selected is "
+"GSSAPI."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1184
+msgid "ldap_krb5_ticket_lifetime (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1187
+msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1191
+msgid "Default: 86400 (24 hours)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1197 sssd-krb5.5.xml:74
+msgid "krb5_server (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1200 sssd-krb5.5.xml:77
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled - for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1212 sssd-krb5.5.xml:89
+msgid ""
+"When using service discovery for KDC or kpasswd servers, SSSD first searches"
+" for DNS entries that specify _udp as the protocol and falls back to _tcp if"
+" none are found."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1217 sssd-krb5.5.xml:94
+msgid ""
+"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD."
+" While the legacy name is recognized for the time being, users are advised "
+"to migrate their config files to use <quote>krb5_server</quote> instead."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1226 sssd-ipa.5.xml:165 sssd-krb5.5.xml:103
+msgid "krb5_realm (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1229
+msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1232
+msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1238 sssd-ipa.5.xml:180 sssd-krb5.5.xml:409
+msgid "krb5_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1241
+msgid ""
+"Specifies if the host pricipal should be canonicalized when connecting to "
+"LDAP server. This feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1253
+msgid "ldap_pwd_policy (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1256
+msgid ""
+"Select the policy to evaluate the password expiration on the client side. "
+"The following values are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1261
+msgid ""
+"<emphasis>none</emphasis> - No evaluation on the client side. This option "
+"cannot disable server-side password policies."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1266
+msgid ""
+"<emphasis>shadow</emphasis> - Use "
+"<citerefentry><refentrytitle>shadow</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> style attributes to evaluate if the "
+"password has expired. Note that the current version of sssd cannot update "
+"this attribute during a password change."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1274
+msgid ""
+"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
+"to determine if the password has expired. Use chpass_provider=krb5 to update"
+" these attributes when the password is changed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1286
+msgid "ldap_referrals (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1289
+msgid "Specifies whether automatic referral chasing should be enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1293
+msgid ""
+"Please note that sssd only supports referral chasing when it is compiled "
+"with OpenLDAP version 2.4.13 or higher."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1304
+msgid "ldap_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1307
+msgid "Specifies the service name to use when service discovery is enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1311
+msgid "Default: ldap"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1317
+msgid "ldap_chpass_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1320
+msgid ""
+"Specifies the service name to use to find an LDAP server which allows "
+"password changes when service discovery is enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1325
+msgid "Default: not set, i.e. service discovery is disabled"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1331
+msgid "ldap_access_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1334
+msgid ""
+"If using access_provider = ldap, this option is mandatory. It specifies an "
+"LDAP search filter criteria that must be met for the user to be granted "
+"access on this host. If access_provider = ldap and this option is not set, "
+"it will result in all users being denied access. Use access_provider = allow"
+" to change this default behavior."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:1570
+msgid "Example:"
+msgstr "Намуна:"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1347
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
+" "
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1351
+msgid ""
+"This example means that access to this host is restricted to members of the "
+"\"allowedusers\" group in ldap."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1356
+msgid ""
+"Offline caching for this feature is limited to determining whether the "
+"user's last online login was granted access permission. If they were granted"
+" access during their last login, they will continue to be granted access "
+"while offline and vice-versa."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1364 sssd-ldap.5.xml:1414
+msgid "Default: Empty"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1370
+msgid "ldap_account_expire_policy (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1373
+msgid ""
+"With this option a client side evaluation of access control attributes can "
+"be enabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1377
+msgid ""
+"Please note that it is always recommended to use server side access control,"
+" i.e. the LDAP server should deny the bind request with a suitable error "
+"code even if the password is correct."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1384
+msgid "The following values are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1387
+msgid ""
+"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
+"determine if the account is expired."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1392
+msgid ""
+"<emphasis>ad</emphasis>: use the value of the 32bit field "
+"ldap_user_ad_user_account_control and allow access if the second bit is not "
+"set. If the attribute is missing access is granted. Also the expiration time"
+" of the account is checked."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1399
+msgid ""
+"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, "
+"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check "
+"if access is allowed or not."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1405
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1420
+msgid "ldap_access_order (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1423
+msgid "Comma separated list of access control options. Allowed values are:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1427
+msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1430
+msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1434
+msgid ""
+"<emphasis>authorized_service</emphasis>: use the authorizedService attribute"
+" to determine access"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1439
+msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1443
+msgid "Default: filter"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1446
+msgid ""
+"Please note that it is a configuration error if a value is used more than "
+"once."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1453
+msgid "ldap_deref (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1456
+msgid ""
+"Specifies how alias dereferencing is done when performing a search. The "
+"following options are allowed:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1461
+msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1465
+msgid ""
+"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
+"the base object, but not in locating the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1470
+msgid ""
+"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
+"the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1475
+msgid ""
+"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
+"in locating the base object of the search."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1480
+msgid ""
+"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
+"client libraries)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:51
+msgid ""
+"All of the common configuration options that apply to SSSD domains also "
+"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section "
+"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for full details. "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:1492
+msgid "ADVANCED OPTIONS"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1499
+msgid "ldap_netgroup_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1502
+msgid ""
+"An optional base DN to restrict netgroup searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1506 sssd-ldap.5.xml:1525 sssd-ldap.5.xml:1544
+msgid ""
+"See <quote>ldap_search_base</quote> for information about configuring "
+"multiple search bases."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:1530 sssd-ldap.5.xml:1549
+msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1518
+msgid "ldap_user_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1521
+msgid "An optional base DN to restrict user searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1537
+msgid "ldap_group_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1540
+msgid "An optional base DN to restrict group searches to a specific subtree."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1556
+msgid "ldap_user_search_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1559
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict user searches."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1563
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_user_search_base."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1573
+#, no-wrap
+msgid ""
+" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
+" "
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1576
+msgid ""
+"This filter would restrict user searches to users that have their shell set "
+"to /bin/tcsh."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1583
+msgid "ldap_group_search_filter (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1586
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict group searches."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1590
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_group_search_base."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1494
+msgid ""
+"These options are supported by LDAP domains, but they should be used with "
+"caution. Please include them in your configuration only if you know what you"
+" are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1610
+msgid ""
+"The following example assumes that SSSD is correctly configured and LDAP is "
+"set to one of the domains in the <replaceable>[domains]</replaceable> "
+"section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ldap.5.xml:1616
+#, no-wrap
+msgid ""
+" [domain/LDAP]\n"
+" id_provider = ldap\n"
+" auth_provider = ldap\n"
+" ldap_uri = ldap://ldap.mydomain.org\n"
+" ldap_search_base = dc=mydomain,dc=org\n"
+" ldap_tls_reqcert = demand\n"
+" cache_credentials = true\n"
+" enumerate = true\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1615 sssd-simple.5.xml:134 sssd-ipa.5.xml:255
+#: sssd-krb5.5.xml:441
+msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:1629 sssd_krb5_locator_plugin.8.xml:61
+msgid "NOTES"
+msgstr "ЭЗОҲҲО"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1631
+msgid ""
+"The descriptions of some of the configuration options in this manual page "
+"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
+"distribution."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1642
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <refentryinfo>
+#: pam_sss.8.xml:8 include/upstream.xml:2
+msgid ""
+"<productname>SSSD</productname> <orgname>The SSSD upstream - "
+"http://fedorahosted.org/sssd</orgname>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: pam_sss.8.xml:13 pam_sss.8.xml:18
+msgid "pam_sss"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: pam_sss.8.xml:19
+msgid "PAM module for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: pam_sss.8.xml:24
+msgid ""
+"<command>pam_sss.so</command> <arg choice='opt'> "
+"<replaceable>quiet</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>forward_pass</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>use_first_pass</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>use_authtok</replaceable> </arg> <arg choice='opt'> "
+"<replaceable>retry=N</replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:45
+msgid ""
+"<command>pam_sss.so</command> is the PAM interface to the System Security "
+"Services daemon (SSSD). Errors and results are logged through "
+"<command>syslog(3)</command> with the LOG_AUTHPRIV facility."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:55
+msgid "<option>quiet</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:58
+msgid "Suppress log messages for unknown users."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:63
+msgid "<option>forward_pass</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:66
+msgid ""
+"If <option>forward_pass</option> is set the entered password is put on the "
+"stack for other PAM modules to use."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:73
+msgid "<option>use_first_pass</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:76
+msgid ""
+"The argument use_first_pass forces the module to use a previous stacked "
+"modules password and will never prompt the user - if no password is "
+"available or the password is not appropriate, the user will be denied "
+"access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:84
+msgid "<option>use_authtok</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:87
+msgid ""
+"When password changing enforce the module to set the new password to the one"
+" provided by a previously stacked password module."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:94
+msgid "<option>retry=N</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:97
+msgid ""
+"If specified the user is asked another N times for a password if "
+"authentication fails. Default is 0."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:99
+msgid ""
+"Please note that this option might not work as expected if the application "
+"calling PAM handles the user dialog on its own. A typical example is "
+"<command>sshd</command> with <option>PasswordAuthentication</option>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:110
+msgid "MODULE TYPES PROVIDED"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:111
+msgid ""
+"All module types (<option>account</option>, <option>auth</option>, "
+"<option>password</option> and <option>session</option>) are provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:117
+msgid "FILES"
+msgstr "ФАЙЛҲО"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:118
+msgid ""
+"If a password reset by root fails, because the corresponding SSSD provider "
+"does not support password resets, an individual message can be displayed. "
+"This message can e.g. contain instructions about how to reset a password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:123
+msgid ""
+"The message is read from the file "
+"<filename>pam_sss_pw_reset_message.LOC</filename> where LOC stands for a "
+"locale string returned by <citerefentry> "
+"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> "
+"</citerefentry>. If there is no matching file the content of "
+"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be"
+" the owner of the files and only root may have read and write permissions "
+"while all other users must have only read permissions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:133
+msgid ""
+"These files are searched in the directory "
+"<filename>/etc/sssd/customize/DOMAIN_NAME/</filename>. If no matching file "
+"is present a generic message is displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:141
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
+msgid "sssd_krb5_locator_plugin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:22
+msgid ""
+"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
+"used by the Kerberos provider of <citerefentry> "
+"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry>"
+" to tell the Kerberos libraries what Realm and which KDC to use. Typically "
+"this is done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> which is always read by the "
+"Kerberos libraries. To simplify the configuration the Realm and the KDC can "
+"be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> "
+"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:48
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry> puts the Realm and the name or IP address of the KDC into "
+"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. "
+"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos "
+"libraries it reads and evaluates these variable and returns them to the "
+"libraries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:63
+msgid ""
+"Not all Kerberos implementations support the use of plugins. If "
+"<command>sssd_krb5_locator_plugin</command> is not available on your system "
+"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:69
+msgid ""
+"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
+"debug messages will be sent to stderr."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:77
+msgid ""
+"<citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
+msgid "sssd-simple"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-simple.5.xml:17
+msgid "the configuration file for SSSD's 'simple' access-control provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:24
+msgid ""
+"This manual page describes the configuration of the simple access-control "
+"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, "
+"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:38
+msgid ""
+"The simple access provider grants or denies access based on an access or "
+"deny list of user or group names. The following rules apply:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:43
+msgid "If all lists are empty, access is granted"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:47
+msgid ""
+"If any list is provided, the order of evaluation is allow,deny. This means "
+"that any matching deny rule will supersede any matched allow rule."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:54
+msgid ""
+"If either or both \"allow\" lists are provided, all users are denied unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:60
+msgid ""
+"If only \"deny\" lists are provided, all users are granted access unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:78
+msgid "simple_allow_users (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:81
+msgid "Comma separated list of users who are allowed to log in."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:88
+msgid "simple_deny_users (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:91
+msgid "Comma separated list of users who are explicitly denied access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:97
+msgid "simple_allow_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:100
+msgid ""
+"Comma separated list of groups that are allowed to log in. This applies only"
+" to groups within this SSSD domain. Local groups are not evaluated."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:108
+msgid "simple_deny_groups (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:111
+msgid ""
+"Comma separated list of groups that are explicitly denied access. This "
+"applies only to groups within this SSSD domain. Local groups are not "
+"evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:62
+msgid ""
+"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page for details on the configuration of an SSSD "
+"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:120
+msgid ""
+"Please note that it is an configuration error if both, simple_allow_users "
+"and simple_deny_users, are defined."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:128
+msgid ""
+"The following example assumes that SSSD is correctly configured and "
+"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
+"section. This examples shows only the simple access provider-specific "
+"options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-simple.5.xml:135
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" access_provider = simple\n"
+" simple_allow_users = user1, user2\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:145
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16
+msgid "sssd-ipa"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:23
+msgid ""
+"This manual page describes the configuration of the IPA provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:36
+msgid ""
+"The IPA provider is a back end used to connect to an IPA server. (Refer to "
+"the freeipa.org web site for information about IPA servers.) This provider "
+"requires that the machine be joined to the IPA domain; configuration is "
+"almost entirely self-discovered and obtained directly from the server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:43
+msgid ""
+"The IPA provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> identity provider and the <citerefentry> <refentrytitle"
+">sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> "
+"authentication provider. However, it is neither necessary nor recommended "
+"to set these options. IPA provider can also be used as an access and chpass"
+" provider. As an access provider it uses HBAC (host-based access control) "
+"rules. Please refer to freeipa.org for more information about HBAC. No "
+"configuration of access provider is required on the client side."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:69
+msgid "ipa_domain (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:72
+msgid ""
+"Specifies the name of the IPA domain. This is optional. If not provided, "
+"the configuration domain name is used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:80
+msgid "ipa_server (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:83
+msgid ""
+"The comma-separated list of IP addresses or hostnames of the IPA servers to "
+"which SSSD should connect in the order of preference. For more information "
+"on failover and server redundancy, see the <quote>FAILOVER</quote> section."
+" This is optional if autodiscovery is enabled. For more information on "
+"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> "
+"section."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:96
+msgid "ipa_hostname (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:99
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the IPA domain to identify this host."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:107
+msgid "ipa_dyndns_update (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:110
+msgid ""
+"Optional. This option tells SSSD to automatically update the DNS server "
+"built into FreeIPA v2 with the IP address of this client."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:121
+msgid "ipa_dyndns_iface (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:124
+msgid ""
+"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
+"interface whose IP address should be used for dynamic DNS updates."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:129
+msgid "Default: Use the IP address of the IPA LDAP connection"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:135
+msgid "ipa_hbac_search_base (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"Optional. Use the given string as search base for HBAC related objects."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:142
+msgid "Default: Use base DN"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:148 sssd-krb5.5.xml:229
+msgid "krb5_validate (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:151 sssd-krb5.5.xml:232
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:158
+msgid ""
+"Note that this default differs from the traditional Kerberos provider back "
+"end."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:168
+msgid ""
+"The name of the Kerberos realm. This is optional and defaults to the value "
+"of <quote>ipa_domain</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:172
+msgid ""
+"The name of the Kerberos realm has a special meaning in IPA - it is "
+"converted into the base DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:183
+msgid ""
+"Specifies if the host and user pricipal should be canonicalized when "
+"connecting to IPA LDAP and also for AS requests. This feature is available "
+"with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:196
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:199
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server."
+" This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:206
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:211
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:214
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users"
+" of FreeIPA will need to migrate their rules to use only the ALLOW rules. "
+"The client will support two modes of operation during this transition "
+"period:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:223
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:228
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:233
+msgid "Default: DENY_ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:249
+msgid ""
+"The following example assumes that SSSD is correctly configured and "
+"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
+"section. This examples shows only the ipa provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ipa.5.xml:256
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" id_provider = ipa\n"
+" ipa_server = ipaserver.example.com\n"
+" ipa_hostname = myhost.example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:267
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.8.xml:10 sssd.8.xml:15
+msgid "sssd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.8.xml:16
+msgid "System Security Services Daemon"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sssd.8.xml:21
+msgid ""
+"<command>sssd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:31
+msgid ""
+"<command>SSSD</command> provides a set of daemons to manage access to remote"
+" directories and authentication mechanisms. It provides an NSS and PAM "
+"interface toward the system and a pluggable backend system to connect to "
+"multiple different account sources as well as D-Bus interface. It is also "
+"the basis to provide client auditing and policy services for projects like "
+"FreeIPA. It provides a more robust database to store local users as well as "
+"extended user data."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:46
+msgid ""
+"<option>-d</option>,<option>--debug-level</option> "
+"<replaceable>LEVEL</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:53
+msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:57
+msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:60
+msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:69
+msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:73
+msgid ""
+"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:76
+msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:79
+msgid "Default: 0"
+msgstr "Пешфарз: 0"
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:85
+msgid "<option>-f</option>,<option>--debug-to-files</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:89
+msgid ""
+"Send the debug output to files instead of stderr. By default, the log files "
+"are stored in <filename>/var/log/sssd</filename> and there are separate log "
+"files for every SSSD service and domain."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:97
+msgid "<option>-D</option>,<option>--daemon</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:101
+msgid "Become a daemon after starting up."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:107
+msgid "<option>-i</option>,<option>--interactive</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:111
+msgid "Run in the foreground, don't become a daemon."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:117
+msgid "<option>-c</option>,<option>--config</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:121
+msgid ""
+"Specify a non-default config file. The default is "
+"<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file "
+"syntax and options, consult the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.8.xml:137
+msgid "Signals"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:140
+msgid "SIGTERM/SIGINT"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:143
+msgid ""
+"Informs the SSSD to gracefully terminate all of its child processes and then"
+" shut down the monitor."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:149
+msgid "SIGHUP"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:152
+msgid ""
+"Tells the SSSD to stop writing to its current debug file descriptors and to "
+"close and reopen them. This is meant to facilitate log rolling with programs"
+" like logrotate."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:160
+msgid "SIGUSR1"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:163
+msgid ""
+"Tells the SSSD to simulate offline operation for one minute. This is mostly "
+"useful for testing purposes."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:169
+msgid "SIGUSR2"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:172
+msgid ""
+"Tells the SSSD to go online immediately. This is mostly useful for testing "
+"purposes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:183
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
+msgid "sss_obfuscate"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_obfuscate.8.xml:16
+msgid "obfuscate a clear text password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_obfuscate.8.xml:21
+msgid ""
+"<command>sss_obfuscate</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>[PASSWORD]</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:32
+msgid ""
+"<command>sss_obfuscate</command> converts a given password into human-"
+"unreadable format and places it into appropriate domain section of the SSSD "
+"config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:37
+msgid ""
+"The cleartext password is read from standard input or entered interactively."
+" The obfuscated password is put into <quote>ldap_default_authtok</quote> "
+"parameter of a given SSSD domain and the "
+"<quote>ldap_default_authtok_type</quote> parameter is set to "
+"<quote>obfuscated_password</quote>. Refer to <citerefentry> <refentrytitle"
+">sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more"
+" details on these parameters."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:49
+msgid ""
+"Please note that obfuscating the password provides <emphasis>no real "
+"security benefit</emphasis> as it is still possible for an attacker to "
+"reverse-engineer the password back. Using better authentication mechanisms "
+"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
+"advised."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:63
+msgid "<option>-s</option>,<option>--stdin</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:67
+msgid "The password to obfuscate will be read from standard input."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:74
+msgid ""
+"<option>-d</option>,<option>--domain</option> "
+"<replaceable>DOMAIN</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:79
+msgid ""
+"The SSSD domain to use the password in. The default name is "
+"<quote>default</quote>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:86
+msgid ""
+"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:91
+msgid "Read the config file specified by the positional parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:95
+msgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:105
+msgid ""
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_useradd.8.xml:10 sss_useradd.8.xml:15
+msgid "sss_useradd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_useradd.8.xml:16
+msgid "create a new user"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_useradd.8.xml:21
+msgid ""
+"<command>sss_useradd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:32
+msgid ""
+"<command>sss_useradd</command> creates a new user account using the values "
+"specified on the command line plus the default values from the system."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:43
+msgid ""
+"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:48
+msgid ""
+"Set the UID of the user to the value of <replaceable>UID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:55 sss_usermod.8.xml:43
+msgid ""
+"<option>-c</option>,<option>--gecos</option> "
+"<replaceable>COMMENT</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:60 sss_usermod.8.xml:48
+msgid ""
+"Any text string describing the user. Often used as the field for the user's "
+"full name."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:67 sss_usermod.8.xml:55
+msgid ""
+"<option>-h</option>,<option>--home</option> "
+"<replaceable>HOME_DIR</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:72
+msgid ""
+"The home directory of the user account. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use "
+"that as the home directory. The base that is prepended before "
+"<replaceable>LOGIN</replaceable> is tunable with "
+"<quote>user_defaults/baseDirectory</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:82 sss_usermod.8.xml:66
+msgid ""
+"<option>-s</option>,<option>--shell</option> "
+"<replaceable>SHELL</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:87
+msgid ""
+"The user's login shell. The default is currently "
+"<filename>/bin/bash</filename>. The default can be changed with "
+"<quote>user_defaults/defaultShell</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:96
+msgid ""
+"<option>-G</option>,<option>--groups</option> "
+"<replaceable>GROUPS</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:101
+msgid "A list of existing groups this user is also a member of."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:107
+msgid "<option>-m</option>,<option>--create-home</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:111
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the -k option or in the config file) will be copied to the home directory."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:121
+msgid "<option>-M</option>,<option>--no-create-home</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:125
+msgid ""
+"Do not create the user's home directory. Overrides configuration settings."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:132
+msgid ""
+"<option>-k</option>,<option>--skel</option> "
+"<replaceable>SKELDIR</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:137
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in"
+" the user's home directory, when the home directory is created by "
+"<command>sss_useradd</command>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:143
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified, or creation of home directories is set "
+"to TRUE in the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:152 sss_usermod.8.xml:124
+msgid ""
+"<option>-Z</option>,<option>--selinux-user</option> "
+"<replaceable>SELINUX_USER</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:157
+msgid ""
+"The SELinux user for the user's login. If not specified, the system default "
+"will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:169
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16
+msgid "sssd-krb5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:23
+msgid ""
+"This manual page describes the configuration of the Kerberos 5 "
+"authentication backend for <citerefentry> "
+"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, please refer to the "
+"<quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> manual page"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:36
+msgid ""
+"The Kerberos 5 authentication backend contains auth and chpass providers. It"
+" must be paired with identity provider in order to function properly (for "
+"example, id_provider = ldap). Some information required by the Kerberos 5 "
+"authentication backend must be provided by the identity provider, such as "
+"the user's Kerberos Principal Name (UPN). The configuration of the identity "
+"provider should have an entry to specify the UPN. Please refer to the man "
+"page for the applicable identity provider for details on how to configure "
+"this."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:47
+msgid ""
+"This backend also provides access control based on the .k5login file in the "
+"home directory of the user. See <citerefentry> "
+"<refentrytitle>.k5login</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry> for more details. Please note that an empty .k5login file "
+"will deny all access to this user. To activate this feature use "
+"'access_provider = krb5' in your sssd configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:55
+msgid ""
+"In the case where the UPN is not available in the identity backend "
+"<command>sssd</command> will construct a UPN using the format "
+"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:106
+msgid ""
+"The name of the Kerberos realm. This option is required and must be "
+"specified."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:113
+msgid "krb5_kpasswd (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:116
+msgid ""
+"If the change password service is not running on the KDC alternative servers"
+" can be defined here. An optional port number (preceded by a colon) may be "
+"appended to the addresses or hostnames."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:122
+msgid ""
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. Please note that even if there are no more"
+" kpasswd servers to try the back end is not switch to offline if "
+"authentication against the KDC is still possible."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:129
+msgid "Default: Use the KDC"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:135
+msgid "krb5_ccachedir (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:138
+msgid ""
+"Directory to store credential caches. All the substitution sequences of "
+"krb5_ccname_template can be used here, too, except %d and %P. If the "
+"directory does not exist it will be created. If %u, %U, %p or %h are used a "
+"private directory belonging to the user is created. Otherwise a public "
+"directory with restricted deletion flag (aka sticky bit, see <citerefentry> "
+"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
+"</citerefentry> for details) is created."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:151
+msgid "Default: /tmp"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:157
+msgid "krb5_ccname_template (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:171
+msgid "login UID"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:174
+msgid "%p"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:175
+msgid "principal name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:179
+msgid "%r"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:180
+msgid "realm name"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:183
+msgid "%h"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:184
+msgid "home directory"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:189
+msgid "value of krb5ccache_dir"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:194
+msgid "%P"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:195
+msgid "the process ID of the sssd client"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:160
+msgid ""
+"Location of the user's credential cache. Currently only file based "
+"credential caches are supported. In the template the following sequences are"
+" substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template "
+"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe "
+"way."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:209
+msgid "Default: FILE:%d/krb5cc_%U_XXXXXX"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:215
+msgid "krb5_auth_timeout (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:218
+msgid ""
+"Timeout in seconds after an online authentication or change password request"
+" is aborted. If possible the authentication request is continued offline."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:241
+msgid "krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:244
+msgid ""
+"The location of the keytab to use when validating credentials obtained from "
+"KDCs."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:248
+msgid "Default: /etc/krb5.keytab"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:254
+msgid "krb5_store_password_if_offline (boolean)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:257
+msgid ""
+"Store the password of the user if the provider is offline and use it to "
+"request a TGT when the provider gets online again."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:262
+msgid ""
+"Please note that this feature currently only available on a Linux platform. "
+"Passwords stored in this way are kept in plaintext in the kernel keyring and"
+" are potentially accessible by the root user (with difficulty)."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:275
+msgid "krb5_renewable_lifetime (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:278
+msgid ""
+"Request a renewable ticket with a total lifetime given by an integer "
+"immediately followed by one of the following delimiters:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319
+msgid "<emphasis>s</emphasis> seconds"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322
+msgid "<emphasis>m</emphasis> minutes"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325
+msgid "<emphasis>h</emphasis> hours"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328
+msgid "<emphasis>d</emphasis> days."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331
+msgid "If there is no delimiter <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:299
+msgid ""
+"Please note that it is not possible to mix units. If you want to set the "
+"renewable lifetime to one and a half hours please use '90m' instead of "
+"'1h30m'."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:305
+msgid "Default: not set, i.e. the TGT is not renewable"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:311
+msgid "krb5_lifetime (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:314
+msgid ""
+"Request ticket with a with a lifetime given by an integer immediately "
+"followed by one of the following delimiters:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:335
+msgid ""
+"Please note that it is not possible to mix units. If you want to set the "
+"lifetime to one and a half hours please use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:340
+msgid ""
+"Default: not set, i.e. the default ticket lifetime configured on the KDC."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:347
+msgid "krb5_renew_interval (integer)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:350
+msgid ""
+"The time in seconds between two checks if the TGT should be renewed. TGTs "
+"are renewed if about half of their lifetime is exceeded."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:355
+msgid "If this option is not set or 0 the automatic renewal is disabled."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:365
+msgid "krb5_use_fast (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:368
+msgid ""
+"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
+"authentication. The following options are supported:"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:373
+msgid ""
+"<emphasis>never</emphasis> use FAST, this is equivalent to not set this "
+"option at all."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:377
+msgid ""
+"<emphasis>try</emphasis> to use FAST, if the server does not support fast "
+"continue without."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:381
+msgid ""
+"<emphasis>demand</emphasis> to use FAST, fail if the server does not require"
+" fast."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:385
+msgid "Default: not set, i.e. FAST is not used."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:388
+msgid "Please note that a keytab is required to use fast."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:391
+msgid ""
+"Please note also that sssd supports fast only with MIT Kerberos version 1.8 "
+"and above. If sssd used used with an older version using this option is a "
+"configuration error."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:400
+msgid "krb5_fast_principal (string)"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:403
+msgid "Specifies the server principal to use for FAST."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:412
+msgid ""
+"Specifies if the host and user pricipal should be canonicalized. This "
+"feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:65
+msgid ""
+"If the auth-module krb5 is used in a SSSD domain, the following options must"
+" be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN "
+"SECTIONS</quote> for details on the configuration of a SSSD domain. "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:434
+msgid ""
+"The following example assumes that SSSD is correctly configured and FOO is "
+"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
+"example shows only configuration of Kerberos authentication, it does not "
+"include any identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-krb5.5.xml:442
+#, no-wrap
+msgid ""
+" [domain/FOO]\n"
+" auth_provider = krb5\n"
+" krb5_server = 192.168.1.1\n"
+" krb5_realm = EXAMPLE.COM\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:453
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> "
+"</citerefentry>, <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry>"
+" <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15
+msgid "sss_groupadd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupadd.8.xml:16
+msgid "create a new group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupadd.8.xml:21
+msgid ""
+"<command>sss_groupadd</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:32
+msgid ""
+"<command>sss_groupadd</command> creates a new group. These groups are "
+"compatible with POSIX groups, with the additional feature that they can "
+"contain other groups as members."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupadd.8.xml:43
+msgid ""
+"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupadd.8.xml:48
+msgid ""
+"Set the GID of the group to the value of <replaceable>GID</replaceable>. If"
+" not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:60
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
+msgid "sss_userdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_userdel.8.xml:16
+msgid "delete a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_userdel.8.xml:21
+msgid ""
+"<command>sss_userdel</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:32
+msgid ""
+"<command>sss_userdel</command> deletes a user identified by login name "
+"<replaceable>LOGIN</replaceable> from the system."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:44
+msgid "<option>-r</option>,<option>--remove</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:48
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:56
+msgid "<option>-R</option>,<option>--no-remove</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:60
+msgid ""
+"Files in the user's home directory will NOT be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:68
+msgid "<option>-f</option>,<option>--force</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:72
+msgid ""
+"This option forces <command>sss_userdel</command> to remove the user's home "
+"directory and mail spool, even if they are not owned by the specified user."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:80
+msgid "<option>-k</option>,<option>--kick</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:84
+msgid "Before actually deleting the user, terminate all his processes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:95
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15
+msgid "sss_groupdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupdel.8.xml:16
+msgid "delete a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupdel.8.xml:21
+msgid ""
+"<command>sss_groupdel</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:32
+msgid ""
+"<command>sss_groupdel</command> deletes a group identified by its name "
+"<replaceable>GROUP</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:48
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
+msgid "sss_groupshow"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupshow.8.xml:16
+msgid "print properties of a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupshow.8.xml:21
+msgid ""
+"<command>sss_groupshow</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>GROUP</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:32
+msgid ""
+"<command>sss_groupshow</command> displays information about a group "
+"identified by its name <replaceable>GROUP</replaceable>. The information "
+"includes the group ID number, members of the group and the parent group."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupshow.8.xml:43
+msgid "<option>-R</option>,<option>--recursive</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupshow.8.xml:47
+msgid ""
+"Also print indirect group members in a tree-like hierarchy. Note that this "
+"also affects printing parent groups - without <option>R</option>, only the "
+"direct parent will be printed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:60
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
+msgid "sss_usermod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_usermod.8.xml:16
+msgid "modify a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_usermod.8.xml:21
+msgid ""
+"<command>sss_usermod</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>LOGIN</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:32
+msgid ""
+"<command>sss_usermod</command> modifies the account specified by "
+"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
+"on the command line."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:60
+msgid "The home directory of the user account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:71
+msgid "The user's login shell."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:82
+msgid ""
+"Append this user to groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter. The "
+"<replaceable>GROUPS</replaceable> parameter is a comma separated list of "
+"group names."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:96
+msgid ""
+"Remove this user from groups specified by the "
+"<replaceable>GROUPS</replaceable> parameter."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:103
+msgid "<option>-l</option>,<option>--lock</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:107
+msgid "Lock the user account. The user won't be able to log in."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:114
+msgid "<option>-u</option>,<option>--unlock</option>"
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:118
+msgid "Unlock the user account."
+msgstr ""
+
+#. type: Content of:
+#. <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:129
+msgid "The SELinux user for the user's login."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:140
+msgid ""
+"<citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> "
+"</citerefentry>."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/service_discovery.xml:2
+msgid "SERVICE DISCOVERY"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/service_discovery.xml:4
+msgid ""
+"The service discovery feature allows back ends to automatically find the "
+"appropriate servers to connect to using a special DNS query."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:9
+msgid "Configuration"
+msgstr "Ҷӯрсозӣ"
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:11
+msgid ""
+"If no servers are specified, the back end automatically uses service "
+"discovery to try to find a server. Optionally, the user may choose to use "
+"both fixed server addresses and service discovery by inserting a special "
+"keyword, <quote>_srv_</quote>, in the list of servers. The order of "
+"preference is maintained. This feature is useful if, for example, the user "
+"prefers to use service discovery whenever possible, and fall back to a "
+"specific server when no servers can be discovered using DNS."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:23
+msgid "The domain name"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:25
+msgid ""
+"Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:35
+msgid "The protocol"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:37
+msgid ""
+"The queries usually specify _tcp as the protocol. Exceptions are documented "
+"in respective option description."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:42
+msgid "See Also"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:44
+msgid ""
+"For more information on the service discovery mechanism, refer to RFC 2782."
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/upstream.xml:1
+msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/failover.xml:2
+msgid "FAILOVER"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/failover.xml:4
+msgid ""
+"The failover feature allows back ends to automatically switch to a different"
+" server if the primary server fails."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:8
+msgid "Failover Syntax"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:10
+msgid ""
+"The list of servers is given as a comma-separated list; any number of spaces"
+" is allowed around the comma. The servers are listed in order of preference."
+" The list can contain any number of servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:17
+msgid "The Failover Mechanism"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:19
+msgid ""
+"The failover mechanism distinguishes between a machine and a service. The "
+"back end first tries to resolve the hostname of a given machine; if this "
+"resolution attempt fails, the machine is considered offline. No further "
+"attempts are made to connect to this machine for any other service. If the "
+"resolution attempt succeeds, the back end tries to connect to a service on "
+"this machine. If the service connection attempt fails, then only this "
+"particular service is considered offline and the back end automatically "
+"switches over to the next service. The machine is still considered online "
+"and might still be tried for another service."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:32
+msgid ""
+"Further connection attempts are made to machines or services marked as "
+"offline after a specified period of time; this is currently hard coded to 30"
+" seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:37
+msgid ""
+"If there are no more machines to try, the back end as a whole switches to "
+"offline mode, and then attempts to reconnect every 30 seconds."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help.xml:3
+msgid "<option>-h</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/param_help.xml:7
+msgid "Display help message and exit."
+msgstr ""
+
+
diff --git a/src/man/po/tr.po b/src/man/po/tr.po
index f109212b..58ad06b0 100644
--- a/src/man/po/tr.po
+++ b/src/man/po/tr.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Turkish (http://www.transifex.net/projects/p/fedora/team/"
diff --git a/src/man/po/ur.po b/src/man/po/ur.po
index dbc22212..793b3ef4 100644
--- a/src/man/po/ur.po
+++ b/src/man/po/ur.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-10-18 13:34-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Urdu <trans-urdu@lists.fedoraproject.org>\n"
diff --git a/src/man/po/vi_VN.po b/src/man/po/vi_VN.po
index d8100ff5..ac6d10e3 100644
--- a/src/man/po/vi_VN.po
+++ b/src/man/po/vi_VN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/src/man/po/zh_HK.po b/src/man/po/zh_HK.po
index b3a5b6bc..bccfbd68 100644
--- a/src/man/po/zh_HK.po
+++ b/src/man/po/zh_HK.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Chinese (Hong Kong) <chinese@lists.fedoraproject.org>\n"
diff --git a/src/man/po/zh_TW.po b/src/man/po/zh_TW.po
index d580325c..5b7c11be 100644
--- a/src/man/po/zh_TW.po
+++ b/src/man/po/zh_TW.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2011-11-02 15:10-0300\n"
+"POT-Creation-Date: 2011-12-09 09:11-0500\n"
"PO-Revision-Date: 2010-12-23 15:35+0000\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Chinese (Taiwan) <trans-zh_TW@lists.fedoraproject.org>\n"
generated by cgit (git 2.34.1) at 2024-04-26 02:26:41 +0000