From a071257ed2dd42e4767a7b220914e0f20b9fd970 Mon Sep 17 00:00:00 2001 From: John Dennis Date: Thu, 8 Dec 2011 16:08:42 -0500 Subject: update i18n pot file for branch master --- install/po/ipa.pot | 9793 ++++++++++++++++++++++++++-------------------------- 1 file changed, 4962 insertions(+), 4831 deletions(-) diff --git a/install/po/ipa.pot b/install/po/ipa.pot index 7a4894e4..ddb40e7c 100644 --- a/install/po/ipa.pot +++ b/install/po/ipa.pot @@ -9,7 +9,7 @@ msgstr "" "Project-Id-Version: ipa\n" "Report-Msgid-Bugs-To: https://hosted.fedoraproject.org/projects/freeipa/" "newticket\n" -"POT-Creation-Date: 2011-06-06 13:27-0400\n" +"POT-Creation-Date: 2011-12-08 16:05-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -19,7195 +19,7319 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n" -#: ipalib/plugins/__init__.py:20 -msgid "" -"\n" -"Sub-package containing all core plugins.\n" +#: ipalib/cli.py:583 +#, python-format +msgid "Enter %(label)s again to verify: " msgstr "" -#: ipalib/plugins/aci.py:20 -msgid "" -"\n" -"Directory Server Access Control Instructions (ACIs)\n" -"\n" -"ACIs are used to allow or deny access to information. This module is\n" -"currently designed to allow, not deny, access.\n" -"\n" -"The aci commands are designed to grant permissions that allow updating\n" -"existing entries or adding or deleting new ones. The goal of the ACIs\n" -"that ship with IPA is to provide a set of low-level permissions that\n" -"grant access to special groups called taskgroups. These low-level\n" -"permissions can be combined into roles that grant broader access. These\n" -"roles are another type of group, roles.\n" -"\n" -"For example, if you have taskgroups that allow adding and modifying users " -"you\n" -"could create a role, useradmin. You would assign users to the useradmin\n" -"role to allow them to do the operations defined by the taskgroups.\n" -"\n" -"You can create ACIs that delegate permission so users in group A can write\n" -"attributes on group B.\n" -"\n" -"The type option is a map that applies to all entries in the users, groups " -"or\n" -"host location. It is primarily designed to be used when granting add\n" -"permissions (to write new entries).\n" -"\n" -"An ACI consists of three parts:\n" -"1. target\n" -"2. permissions\n" -"3. bind rules\n" -"\n" -"The target is a set of rules that define which LDAP objects are being\n" -"targeted. This can include a list of attributes, an area of that LDAP\n" -"tree or an LDAP filter.\n" -"\n" -"The targets include:\n" -"- attrs: list of attributes affected\n" -"- type: an object type (user, group, host, service, etc)\n" -"- memberof: members of a group\n" -"- targetgroup: grant access to modify a specific group. This is primarily\n" -" designed to enable users to add or remove members of a specific group.\n" -"- filter: A legal LDAP filter used to narrow the scope of the target.\n" -"- subtree: Used to apply a rule across an entire set of objects. For " -"example,\n" -" to allow adding users you need to grant \"add\" permission to the subtree\n" -" ldap://uid=*,cn=users,cn=accounts,dc=example,dc=com. The subtree option\n" -" is a fail-safe for objects that may not be covered by the type option.\n" -"\n" -"The permissions define what the the ACI is allowed to do, and are one or\n" -"more of:\n" -"1. write - write one or more attributes\n" -"2. read - read one or more attributes\n" -"3. add - add a new entry to the tree\n" -"4. delete - delete an existing entry\n" -"5. all - all permissions are granted\n" -"\n" -"Note the distinction between attributes and entries. The permissions are\n" -"independent, so being able to add a user does not mean that the user will\n" -"be editable.\n" -"\n" -"The bind rule defines who this ACI grants permissions to. The LDAP server\n" -"allows this to be any valid LDAP entry but we encourage the use of\n" -"taskgroups so that the rights can be easily shared through roles.\n" -"\n" -"For a more thorough description of access controls see\n" -"http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control." -"html\n" -"\n" -"EXAMPLES:\n" -"\n" -"NOTE: ACIs are now added via the permission plugin. These examples are to\n" -"demonstrate how the various options work but this is done via the " -"permission\n" -"command-line now (see last example).\n" -"\n" -" Add an ACI so that the group \"secretaries\" can update the address on any " -"user:\n" -" ipa group-add --desc=\"Office secretaries\" secretaries\n" -" ipa aci-add --attrs=streetAddress --memberof=ipausers --group=secretaries " -"--permissions=write --prefix=none \"Secretaries write addresses\"\n" -"\n" -" Show the new ACI:\n" -" ipa aci-show --prefix=none \"Secretaries write addresses\"\n" -"\n" -" Add an ACI that allows members of the \"addusers\" permission to add new " -"users:\n" -" ipa aci-add --type=user --permission=addusers --permissions=add --" -"prefix=none \"Add new users\"\n" -"\n" -" Add an ACI that allows members of the editors manage members of the admins " -"group:\n" -" ipa aci-add --permissions=write --attrs=member --targetgroup=admins --" -"group=editors --prefix=none \"Editors manage admins\"\n" -"\n" -" Add an ACI that allows members of the admin group to manage the street and " -"zip code of those in the editors group:\n" -" ipa aci-add --permissions=write --memberof=editors --group=admins --" -"attrs=street,postalcode --prefix=none \"admins edit the address of editors" -"\"\n" -"\n" -" Add an ACI that allows the admins group manage the street and zipcode of " -"those who work for the boss:\n" -" ipa aci-add --permissions=write --group=admins --attrs=street,postalcode " -"--filter=\"(manager=uid=boss,cn=users,cn=accounts,dc=example,dc=com)\" --" -"prefix=none \"Edit the address of those who work for the boss\"\n" -"\n" -" Add an entirely new kind of record to IPA that isn't covered by any of the " -"--type options, creating a permission:\n" -" ipa permission-add --permissions=add --subtree=\"cn=*,cn=orange," -"cn=accounts,dc=example,dc=com\" --desc=\"Add Orange Entries\" add_orange\n" -"\n" -"\n" -"The show command shows the raw 389-ds ACI.\n" -"\n" -"IMPORTANT: When modifying the target attributes of an existing ACI you\n" -"must include all existing attributes as well. When doing an aci-mod the\n" -"targetattr REPLACES the current attributes, it does not add to them.\n" -"\n" +#: ipalib/cli.py:587 ipa-client/ipa-getkeytab.c:768 +#, c-format +msgid "Passwords do not match!" msgstr "" -#: ipalib/plugins/aci.py:153 -msgid "A list of ACI values" +#: ipalib/cli.py:592 +msgid "Cancelled." msgstr "" -#: ipalib/plugins/aci.py:172 -msgid "" -"\n" -" Given a name and a prefix construct an ACI name.\n" -" " +#: ipalib/cli.py:753 +#, python-format +msgid "Purpose: %s" msgstr "" -#: ipalib/plugins/aci.py:181 -msgid "" -"\n" -" Parse the raw ACI name and return a tuple containing the ACI prefix\n" -" and the actual ACI name.\n" -" " +#: ipalib/cli.py:770 +msgid "Usage: ipa [global-options] COMMAND ..." msgstr "" -#: ipalib/plugins/aci.py:193 -msgid "" -"\n" -" Pull the group name out of a memberOf filter\n" -" " +#: ipalib/cli.py:772 +msgid "Built-in commands:" msgstr "" -#: ipalib/plugins/aci.py:204 -msgid "" -"\n" -" Given a name and a set of keywords construct an ACI.\n" -" " +#: ipalib/cli.py:774 +msgid "Help subtopics:" msgstr "" -#: ipalib/plugins/aci.py:215 -msgid "type, filter, subtree and targetgroup are mutually exclusive" +#: ipalib/cli.py:777 +msgid "Help topics:" msgstr "" -#: ipalib/plugins/aci.py:218 -msgid "ACI prefix is required" +#: ipalib/cli.py:782 +msgid "Try `ipa --help` for a list of global options." msgstr "" -#: ipalib/plugins/aci.py:221 -msgid "" -"at least one of: type, filter, subtree, targetgroup, attrs or memberof are " -"required" +#: ipalib/cli.py:816 +msgid "Topic commands:" msgstr "" -#: ipalib/plugins/aci.py:224 -msgid "filter and memberof are mutually exclusive" +#: ipalib/cli.py:827 +msgid "Command name" msgstr "" -#: ipalib/plugins/aci.py:230 -msgid "group, permission and self are mutually exclusive" +#: ipalib/cli.py:1130 +msgid "No file to read" msgstr "" -#: ipalib/plugins/aci.py:232 -msgid "One of group, permission or self is required" +#: ipalib/errors.py:303 +#, python-format +msgid "%(cver)s client incompatible with %(sver)s server at %(server)r" msgstr "" -#: ipalib/plugins/aci.py:251 -msgid "Group '%s' does not exist" +#: ipalib/errors.py:321 +#, python-format +msgid "unknown error %(code)d from %(server)s: %(error)s" msgstr "" -#: ipalib/plugins/aci.py:273 -msgid "empty filter" +#: ipalib/errors.py:337 +msgid "an internal error has occurred" msgstr "" -#: ipalib/plugins/aci.py:294 -msgid "Syntax Error: %(error)s" +#: ipalib/errors.py:359 +#, python-format +msgid "an internal error has occurred on server at %(server)r" msgstr "" -#: ipalib/plugins/aci.py:299 -msgid "" -"Convert an ACI into its equivalent keywords.\n" -"\n" -" This is used for the modify operation so we can merge the\n" -" incoming kw and existing ACI and pass the result to\n" -" _make_aci().\n" -" " +#: ipalib/errors.py:375 +#, python-format +msgid "unknown command %(name)r" msgstr "" -#: ipalib/plugins/aci.py:379 -msgid "ACI with name \"%s\" not found" +#: ipalib/errors.py:392 ipalib/errors.py:417 +#, python-format +msgid "error on server %(server)r: %(error)s" msgstr "" -#: ipalib/plugins/aci.py:400 -msgid "ACI prefix" +#: ipalib/errors.py:408 +#, python-format +msgid "cannot connect to %(uri)r: %(error)s" msgstr "" -#: ipalib/plugins/aci.py:401 -msgid "" -"Prefix used to distinguish ACI types (permission, delegation, selfservice, " -"none)" +#: ipalib/errors.py:426 +#, python-format +msgid "Invalid JSON-RPC request: %(error)s" msgstr "" -#: ipalib/plugins/aci.py:407 -msgid "" -"\n" -" ACI object.\n" -" " +#: ipalib/errors.py:442 +#, python-format +msgid "error marshalling data for XML-RPC transport: %(error)s" msgstr "" -#: ipalib/plugins/aci.py:412 -msgid "ACIs" +#: ipalib/errors.py:468 +#, python-format +msgid "Kerberos error: %(major)s/%(minor)s" msgstr "" -#: ipalib/plugins/aci.py:417 -msgid "ACI name" +#: ipalib/errors.py:485 +msgid "did not receive Kerberos credentials" msgstr "" -#: ipalib/plugins/aci.py:422 -msgid "Permission" +#: ipalib/errors.py:501 +#, python-format +msgid "Service %(service)r not found in Kerberos database" msgstr "" -#: ipalib/plugins/aci.py:423 -msgid "Permission ACI grants access to" +#: ipalib/errors.py:517 +msgid "No credentials cache found" msgstr "" -#: ipalib/plugins/aci.py:427 ipalib/plugins/delegation.py:130 -msgid "User group" +#: ipalib/errors.py:533 +msgid "Ticket expired" msgstr "" -#: ipalib/plugins/aci.py:428 ipalib/plugins/delegation.py:131 -msgid "User group ACI grants access to" +#: ipalib/errors.py:549 +msgid "Credentials cache permissions incorrect" msgstr "" -#: ipalib/plugins/aci.py:432 ipalib/plugins/baseldap.py:60 -#: ipalib/plugins/delegation.py:113 ipalib/plugins/permission.py:107 -#: ipalib/plugins/permission.py:118 ipalib/plugins/selfservice.py:86 -msgid "Permissions" +#: ipalib/errors.py:565 +msgid "Bad format in credentials cache" msgstr "" -#: ipalib/plugins/aci.py:433 -msgid "" -"comma-separated list of permissions to grant(read, write, add, delete, all)" +#: ipalib/errors.py:581 +msgid "Cannot resolve KDC for requested realm" msgstr "" -#: ipalib/plugins/aci.py:439 ipalib/plugins/delegation.py:119 -#: ipalib/plugins/permission.py:124 ipalib/plugins/selfservice.py:92 -msgid "Attributes" +#: ipalib/errors.py:600 +#, python-format +msgid "Insufficient access: %(info)s" msgstr "" -#: ipalib/plugins/aci.py:440 ipalib/plugins/delegation.py:120 -#: ipalib/plugins/permission.py:125 ipalib/plugins/selfservice.py:93 -msgid "Comma-separated list of attributes" +#: ipalib/errors.py:644 +#, python-format +msgid "command %(name)r takes no arguments" msgstr "" -#: ipalib/plugins/aci.py:444 ipalib/plugins/internal.py:164 -#: ipalib/plugins/permission.py:131 -msgid "Type" -msgstr "" +#: ipalib/errors.py:664 +#, python-format +msgid "command %(name)r takes at most %(count)d argument" +msgid_plural "command %(name)r takes at most %(count)d arguments" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/aci.py:445 -msgid "type of IPA object (user, group, host, hostgroup, service, netgroup)" +#: ipalib/errors.py:694 +#, python-format +msgid "overlapping arguments and options: %(names)r" msgstr "" -#: ipalib/plugins/aci.py:450 -msgid "Member of" +#: ipalib/errors.py:710 +#, python-format +msgid "%(name)r is required" msgstr "" -#: ipalib/plugins/aci.py:451 -msgid "Member of a group" +#: ipalib/errors.py:726 ipalib/errors.py:742 +#, python-format +msgid "invalid %(name)r: %(error)s" msgstr "" -#: ipalib/plugins/aci.py:455 ipalib/plugins/internal.py:234 -#: ipalib/plugins/permission.py:144 -msgid "Filter" +#: ipalib/errors.py:758 +#, python-format +msgid "api has no such namespace: %(name)r" msgstr "" -#: ipalib/plugins/aci.py:456 ipalib/plugins/permission.py:145 -msgid "Legal LDAP filter (e.g. ou=Engineering)" +#: ipalib/errors.py:767 +msgid "Passwords do not match" msgstr "" -#: ipalib/plugins/aci.py:460 ipalib/plugins/permission.py:150 -msgid "Subtree" +#: ipalib/errors.py:776 +msgid "Command not implemented" msgstr "" -#: ipalib/plugins/aci.py:461 -msgid "Subtree to apply ACI to" +#: ipalib/errors.py:785 +msgid "Client is not configured. Run ipa-client-install." msgstr "" -#: ipalib/plugins/aci.py:465 ipalib/plugins/permission.py:156 -msgid "Target group" +#: ipalib/errors.py:813 ipalib/errors.py:1053 ipalib/errors.py:1147 +#: ipalib/errors.py:1462 ipalib/errors.py:1479 +#, python-format +msgid "%(reason)s" msgstr "" -#: ipalib/plugins/aci.py:466 -msgid "Group to apply ACI to" +#: ipalib/errors.py:829 +msgid "This entry already exists" msgstr "" -#: ipalib/plugins/aci.py:470 -msgid "Target your own entry (self)" +#: ipalib/errors.py:845 +msgid "You must enroll a host in order to create a host service" msgstr "" -#: ipalib/plugins/aci.py:471 -msgid "Apply ACI to your own entry (self)" +#: ipalib/errors.py:861 +#, python-format +msgid "" +"Service principal is not of the form: service/fully-qualified host name: " +"%(reason)s" msgstr "" -#: ipalib/plugins/aci.py:478 +#: ipalib/errors.py:877 msgid "" -"\n" -" Create new ACI.\n" -" " +"The realm for the principal does not match the realm for this IPA server" msgstr "" -#: ipalib/plugins/aci.py:482 -msgid "Created ACI \"%(value)s\"" +#: ipalib/errors.py:893 +msgid "This command requires root access" msgstr "" -#: ipalib/plugins/aci.py:487 -msgid "Test the ACI syntax but don't write anything" +#: ipalib/errors.py:909 +msgid "This is already a posix group" msgstr "" -#: ipalib/plugins/aci.py:493 -msgid "" -"\n" -" Execute the aci-create operation.\n" -"\n" -" Returns the entry as it will be created in LDAP.\n" -"\n" -" :param aciname: The name of the ACI being added.\n" -" :param kw: Keyword arguments for the other LDAP attributes.\n" -" " +#: ipalib/errors.py:925 +#, python-format +msgid "Principal is not of the form user@REALM: %(principal)r" msgstr "" -#: ipalib/plugins/aci.py:533 -msgid "" -"\n" -" Delete ACI.\n" -" " +#: ipalib/errors.py:941 +msgid "This entry is already enabled" msgstr "" -#: ipalib/plugins/aci.py:538 -msgid "Deleted ACI \"%(value)s\"" +#: ipalib/errors.py:957 +msgid "This entry is already disabled" msgstr "" -#: ipalib/plugins/aci.py:543 -msgid "" -"\n" -" Execute the aci-delete operation.\n" -"\n" -" :param aciname: The name of the ACI being added.\n" -" :param kw: unused\n" -" " +#: ipalib/errors.py:973 +msgid "This entry cannot be enabled or disabled" msgstr "" -#: ipalib/plugins/aci.py:576 -msgid "" -"\n" -" Modify ACI.\n" -" " +#: ipalib/errors.py:989 +msgid "This entry is not a member" msgstr "" -#: ipalib/plugins/aci.py:582 ipalib/plugins/aci.py:830 -#: ipalib/plugins/aci.py:871 ipalib/plugins/delegation.py:255 -#: ipalib/plugins/selfservice.py:212 -msgid "ACI" +#: ipalib/errors.py:1005 +msgid "A group may not be a member of itself" msgstr "" -#: ipalib/plugins/aci.py:588 -msgid "Modified ACI \"%(value)s\"" +#: ipalib/errors.py:1021 +msgid "This entry is already a member" msgstr "" -#: ipalib/plugins/aci.py:633 -msgid "" -"\n" -" Search for ACIs.\n" -"\n" -" Returns a list of ACIs\n" -"\n" -" EXAMPLES:\n" -"\n" -" To find all ACIs that apply directly to members of the group ipausers:\n" -" ipa aci-find --memberof=ipausers\n" -"\n" -" To find all ACIs that grant add access:\n" -" ipa aci-find --permissions=add\n" -"\n" -" Note that the find command only looks for the given text in the set of\n" -" ACIs, it does not evaluate the ACIs to see if something would apply.\n" -" For example, searching on memberof=ipausers will find all ACIs that\n" -" have ipausers as a memberof. There may be other ACIs that apply to\n" -" members of that group indirectly.\n" -" " +#: ipalib/errors.py:1037 +#, python-format +msgid "Base64 decoding failed: %(reason)s" msgstr "" -#: ipalib/plugins/aci.py:653 -msgid "%(count)d ACI matched" -msgid_plural "%(count)d ACIs matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/errors.py:1069 +msgid "A group may not be added as a member of itself" +msgstr "" -#: ipalib/plugins/aci.py:823 -msgid "" -"\n" -" Display a single ACI given an ACI name.\n" -" " +#: ipalib/errors.py:1085 +msgid "The default users group cannot be removed" +msgstr "" + +#: ipalib/errors.py:1101 +msgid "Host does not have corresponding DNS A record" msgstr "" -#: ipalib/plugins/aci.py:837 +#: ipalib/errors.py:1116 +msgid "Deleting a managed group is not allowed. It must be detached first." +msgstr "" + +#: ipalib/errors.py:1131 +msgid "A managed group cannot have a password policy." +msgstr "" + +#: ipalib/errors.py:1163 +#, python-format +msgid "'%(entry)s' doesn't have a certificate." +msgstr "" + +#: ipalib/errors.py:1179 +#, python-format +msgid "Unable to create private group. A group '%(group)s' already exists." +msgstr "" + +#: ipalib/errors.py:1195 +#, python-format msgid "" -"\n" -" Execute the aci-show operation.\n" -"\n" -" Returns the entry\n" -"\n" -" :param uid: The login name of the user to retrieve.\n" -" :param kw: unused\n" -" " +"A problem was encountered when verifying that all members were %(verb)s: " +"%(exc)s" +msgstr "" + +#: ipalib/errors.py:1213 +#, python-format +msgid "%(attr)s does not contain '%(value)s'" msgstr "" -#: ipalib/plugins/aci.py:865 +#: ipalib/errors.py:1230 +#, python-format msgid "" -"\n" -" Rename an ACI.\n" -" " +"The search criteria was not specific enough. Expected 1 and found %(found)d." msgstr "" -#: ipalib/plugins/aci.py:878 -msgid "New ACI name" +#: ipalib/errors.py:1254 +#, python-format +msgid "no command nor help topic %(topic)r" msgstr "" -#: ipalib/plugins/aci.py:882 -msgid "Renamed ACI to \"%(value)s\"" +#: ipalib/errors.py:1278 +msgid "change collided with another change" msgstr "" -#: ipalib/plugins/automount.py:20 -msgid "" -"\n" -"Automount\n" -"\n" -"Stores automount(8) configuration for autofs(8) in IPA.\n" -"\n" -"The base of an automount configuration is the configuration file auto." -"master.\n" -"This is also the base location in IPA. Multiple auto.master configurations\n" -"can be stored in separate locations. A location is implementation-specific\n" -"with the default being a location named 'default'. For example, you can " -"have\n" -"locations by geographic region, by floor, by type, etc.\n" -"\n" -"Automount has three basic object types: locations, maps and keys.\n" -"\n" -"A location defines a set of maps anchored in auto.master. This allows you\n" -"to store multiple automount configurations. A location in itself isn't\n" -"very interesting, it is just a point to start a new automount map.\n" -"\n" -"A map is roughly equivalent to a discrete automount file and provides\n" -"storage for keys.\n" -"\n" -"A key is a mount point associated with a map.\n" -"\n" -"When a new location is created, two maps are automatically created for\n" -"it: auto.master and auto.direct. auto.master is the root map for all\n" -"automount maps for the location. auto.direct is the default map for\n" -"direct mounts and is mounted on /-.\n" -"\n" -"EXAMPLES:\n" -"\n" -"Locations:\n" -"\n" -" Create a named location, \"Baltimore\":\n" -" ipa automountlocation-add baltimore\n" -"\n" -" Display the new location:\n" -" ipa automountlocation-show baltimore\n" -"\n" -" Find available locations:\n" -" ipa automountlocation-find\n" -"\n" -" Remove a named automount location:\n" -" ipa automountlocation-del baltimore\n" -"\n" -" Show what the automount maps would look like if they were in the " -"filesystem:\n" -" ipa automountlocation-tofiles baltimore\n" -"\n" -" Import an existing configuration into a location:\n" -" ipa automountlocation-import baltimore /etc/auto.master\n" -"\n" -" The import will fail if any duplicate entries are found. For\n" -" continuous operation where errors are ignored, use the --continue\n" -" option.\n" -"\n" -"Maps:\n" -"\n" -" Create a new map, \"auto.share\":\n" -" ipa automountmap-add baltimore auto.share\n" -"\n" -" Display the new map:\n" -" ipa automountmap-show baltimore auto.share\n" -"\n" -" Find maps in the location baltimore:\n" -" ipa automountmap-find baltimore\n" -"\n" -" Remove the auto.share map:\n" -" ipa automountmap-del baltimore auto.share\n" -"\n" -"Keys:\n" -"\n" -" Create a new key for the auto.share map in location baltimore. This ties\n" -" the map we previously created to auto.master:\n" -" ipa automountkey-add baltimore auto.master --key=/share --info=auto." -"share\n" -"\n" -" Create a new key for our auto.share map, an NFS mount for man pages:\n" -" ipa automountkey-add baltimore auto.share --key=man --info=\"-ro,soft," -"rsize=8192,wsize=8192 ipa.example.com:/shared/man\"\n" -"\n" -" Find all keys for the auto.share map:\n" -" ipa automountkey-find baltimore auto.share\n" -"\n" -" Find all direct automount keys:\n" -" ipa automountkey-find baltimore --key=/-\n" -"\n" -" Remove the man key from the auto.share map:\n" -" ipa automountkey-del baltimore auto.share --key=man\n" +#: ipalib/errors.py:1294 +msgid "no modifications to be performed" msgstr "" -#: ipalib/plugins/automount.py:182 -msgid "" -"\n" -" Location container for automount maps.\n" -" " +#: ipalib/errors.py:1310 +#, python-format +msgid "%(desc)s: %(info)s" msgstr "" -#: ipalib/plugins/automount.py:190 -msgid "Automount Locations" +#: ipalib/errors.py:1326 +msgid "limits exceeded for this query" msgstr "" -#: ipalib/plugins/automount.py:196 ipalib/plugins/host.py:247 -msgid "Location" +#: ipalib/errors.py:1341 +#, python-format +msgid "%(info)s" msgstr "" -#: ipalib/plugins/automount.py:197 -msgid "Automount location name." +#: ipalib/errors.py:1356 +msgid "modifying primary key is not allowed" msgstr "" -#: ipalib/plugins/automount.py:206 -msgid "" -"\n" -" Create a new automount location.\n" -" " +#: ipalib/errors.py:1372 +#, python-format +msgid "%(attr)s: Only one value allowed." msgstr "" -#: ipalib/plugins/automount.py:221 -msgid "" -"\n" -" Delete an automount location.\n" -" " +#: ipalib/errors.py:1388 +#, python-format +msgid "%(attr)s: Invalid syntax." msgstr "" -#: ipalib/plugins/automount.py:229 -msgid "" -"\n" -" Display an automount location.\n" -" " +#: ipalib/errors.py:1404 +#, python-format +msgid "Bad search filter %(info)s" msgstr "" -#: ipalib/plugins/automount.py:237 -msgid "" -"\n" -" Search for an automount location.\n" -" " +#: ipalib/errors.py:1429 +#, python-format +msgid "Certificate operation cannot be completed: %(error)s" msgstr "" -#: ipalib/plugins/automount.py:245 -msgid "" -"\n" -" Generate automount files for a specific location.\n" -" " +#: ipalib/errors.py:1445 +#, python-format +msgid "Certificate format error: %(error)s" msgstr "" -#: ipalib/plugins/automount.py:308 -msgid "" -"\n" -" Import automount files for a specific location.\n" -" " +#: ipalib/errors.py:1496 +msgid "Already registered" msgstr "" -#: ipalib/plugins/automount.py:314 -msgid "Master file" +#: ipalib/errors.py:1512 +msgid "Not registered yet" msgstr "" -#: ipalib/plugins/automount.py:315 -msgid "Automount master file." +#: ipalib/frontend.py:408 +msgid "Results are truncated, try a more specific search" msgstr "" -#: ipalib/plugins/automount.py:322 +#: ipalib/frontend.py:821 msgid "" -"Continuous operation mode. Errors are reported but the process continues." +"Retrieve and print all attributes from the server. Affects command output." msgstr "" -#: ipalib/plugins/automount.py:334 -msgid "File %(file)s not found" +#: ipalib/frontend.py:827 +msgid "Print entries as stored on the server. Only affects output format." msgstr "" -#: ipalib/plugins/automount.py:341 -msgid "" -"\n" -" The basic idea is to read the master file and create all the maps\n" -" we need, then read each map file and add all the keys for the map.\n" -" " +#: ipalib/frontend.py:832 ipalib/plugins/batch.py:69 +msgid "Client version. Used to determine if server will accept request." msgstr "" -#: ipalib/plugins/automount.py:492 -msgid "" -"\n" -" Automount map object.\n" -" " +#: ipalib/frontend.py:967 +msgid "Forward to server instead of running locally" msgstr "" -#: ipalib/plugins/automount.py:505 -msgid "Map" +#: ipalib/output.py:92 +msgid "A dictionary representing an LDAP entry" msgstr "" -#: ipalib/plugins/automount.py:506 -msgid "Automount map name." +#: ipalib/output.py:100 +msgid "A list of LDAP entries" msgstr "" -#: ipalib/plugins/automount.py:511 ipalib/plugins/group.py:114 -#: ipalib/plugins/hbacrule.py:171 ipalib/plugins/hbacsvc.py:73 -#: ipalib/plugins/hbacsvcgroup.py:75 ipalib/plugins/host.py:237 -#: ipalib/plugins/hostgroup.py:85 ipalib/plugins/netgroup.py:109 -#: ipalib/plugins/privilege.py:76 ipalib/plugins/role.py:92 -#: ipalib/plugins/sudocmd.py:74 ipalib/plugins/sudocmdgroup.py:76 -#: ipalib/plugins/sudorule.py:78 -msgid "Description" +#: ipalib/output.py:111 +msgid "All commands should at least have a result" msgstr "" -#: ipalib/plugins/automount.py:515 -msgid "Automount Maps" +#: ipalib/parameters.py:358 +msgid "incorrect type" msgstr "" -#: ipalib/plugins/automount.py:521 -msgid "" -"\n" -" Create a new automount map.\n" -" " +#: ipalib/parameters.py:361 +msgid "Only one value is allowed" msgstr "" -#: ipalib/plugins/automount.py:529 -msgid "" -"\n" -" Delete an automount map.\n" -" " +#: ipalib/parameters.py:1023 +msgid "must be True or False" msgstr "" -#: ipalib/plugins/automount.py:548 -msgid "" -"\n" -" Modify an automount map.\n" -" " +#: ipalib/parameters.py:1124 +msgid "must be an integer" msgstr "" -#: ipalib/plugins/automount.py:556 -msgid "" -"\n" -" Search for an automount map.\n" -" " +#: ipalib/parameters.py:1176 +#, python-format +msgid "must be at least %(minvalue)d" msgstr "" -#: ipalib/plugins/automount.py:564 -msgid "" -"\n" -" Display an automount map.\n" -" " +#: ipalib/parameters.py:1186 +#, python-format +msgid "can be at most %(maxvalue)d" msgstr "" -#: ipalib/plugins/automount.py:572 -msgid "" -"\n" -" Automount key object.\n" -" " +#: ipalib/parameters.py:1227 +msgid "must be a decimal number" msgstr "" -#: ipalib/plugins/automount.py:589 ipalib/plugins/automount.py:778 -#: ipalib/plugins/automount.py:850 -msgid "Key" +#: ipalib/parameters.py:1250 +#, python-format +msgid "must be at least %(minvalue)f" msgstr "" -#: ipalib/plugins/automount.py:590 ipalib/plugins/automount.py:779 -#: ipalib/plugins/automount.py:851 -msgid "Automount key name." +#: ipalib/parameters.py:1260 +#, python-format +msgid "can be at most %(maxvalue)f" msgstr "" -#: ipalib/plugins/automount.py:594 ipalib/plugins/automount.py:783 -#: ipalib/plugins/automount.py:855 -msgid "Mount information" +#: ipalib/parameters.py:1327 +#, python-format +msgid "must match pattern \"%(pattern)s\"" msgstr "" -#: ipalib/plugins/automount.py:597 -msgid "description" +#: ipalib/parameters.py:1345 +msgid "must be binary data" msgstr "" -#: ipalib/plugins/automount.py:606 -msgid "Automount Keys" +#: ipalib/parameters.py:1361 +#, python-format +msgid "must be at least %(minlength)d bytes" msgstr "" -#: ipalib/plugins/automount.py:607 -msgid "" -"The key,info pair must be unique. A key named %(key)s with info %(info)s " -"already exists" +#: ipalib/parameters.py:1371 +#, python-format +msgid "can be at most %(maxlength)d bytes" msgstr "" -#: ipalib/plugins/automount.py:608 -msgid "key named %(key)s already exists" +#: ipalib/parameters.py:1381 +#, python-format +msgid "must be exactly %(length)d bytes" msgstr "" -#: ipalib/plugins/automount.py:609 -msgid "The automount key %(key)s with info %(info)s does not exist" +#: ipalib/parameters.py:1403 +msgid "must be Unicode text" msgstr "" -#: ipalib/plugins/automount.py:659 -msgid "" -"More than one entry with key %(key)s found, use --info to select specific " -"entry." +#: ipalib/parameters.py:1436 +msgid "Leading and trailing spaces are not allowed" msgstr "" -#: ipalib/plugins/automount.py:717 -msgid "" -"\n" -" Create a new automount key.\n" -" " +#: ipalib/parameters.py:1444 +#, python-format +msgid "must be at least %(minlength)d characters" msgstr "" -#: ipalib/plugins/automount.py:742 -msgid "" -"\n" -" Create a new indirect mount point.\n" -" " +#: ipalib/parameters.py:1454 +#, python-format +msgid "can be at most %(maxlength)d characters" msgstr "" -#: ipalib/plugins/automount.py:748 -msgid "Mount point" +#: ipalib/parameters.py:1464 +#, python-format +msgid "must be exactly %(length)d characters" msgstr "" -#: ipalib/plugins/automount.py:752 -msgid "Parent map" +#: ipalib/parameters.py:1482 +#, python-format +msgid "The character '%(char)r' is not allowed." msgstr "" -#: ipalib/plugins/automount.py:753 -msgid "Name of parent automount map (default: auto.master)." +#: ipalib/parameters.py:1526 +#, python-format +msgid "must be one of %(values)r" msgstr "" -#: ipalib/plugins/automount.py:772 -msgid "" -"\n" -" Delete an automount key.\n" -" " +#: ipalib/plugins/aci.py:153 +msgid "A list of ACI values" msgstr "" -#: ipalib/plugins/automount.py:803 -msgid "" -"\n" -" Modify an automount key.\n" -" " +#: ipalib/plugins/aci.py:215 +msgid "type, filter, subtree and targetgroup are mutually exclusive" msgstr "" -#: ipalib/plugins/automount.py:809 -msgid "New mount information" +#: ipalib/plugins/aci.py:218 +msgid "ACI prefix is required" msgstr "" -#: ipalib/plugins/automount.py:836 +#: ipalib/plugins/aci.py:221 msgid "" -"\n" -" Search for an automount key.\n" -" " +"at least one of: type, filter, subtree, targetgroup, attrs or memberof are " +"required" msgstr "" -#: ipalib/plugins/automount.py:844 -msgid "" -"\n" -" Display an automount key.\n" -" " +#: ipalib/plugins/aci.py:224 +msgid "filter and memberof are mutually exclusive" msgstr "" -#: ipalib/plugins/baseldap.py:19 -msgid "" -"\n" -"Base classes for LDAP plugins.\n" +#: ipalib/plugins/aci.py:230 +msgid "group, permission and self are mutually exclusive" msgstr "" -#: ipalib/plugins/baseldap.py:39 -msgid "Failed members" +#: ipalib/plugins/aci.py:232 +msgid "One of group, permission or self is required" msgstr "" -#: ipalib/plugins/baseldap.py:42 -msgid "Member users" +#: ipalib/plugins/aci.py:251 +#, python-format +msgid "Group '%s' does not exist" msgstr "" -#: ipalib/plugins/baseldap.py:45 -msgid "Member groups" +#: ipalib/plugins/aci.py:273 +msgid "empty filter" msgstr "" -#: ipalib/plugins/baseldap.py:48 -msgid "Member of groups" +#: ipalib/plugins/aci.py:294 +#, python-format +msgid "Syntax Error: %(error)s" msgstr "" -#: ipalib/plugins/baseldap.py:51 -msgid "Member hosts" +#: ipalib/plugins/aci.py:379 +#, python-format +msgid "ACI with name \"%s\" not found" msgstr "" -#: ipalib/plugins/baseldap.py:54 -msgid "Member host-groups" +#: ipalib/plugins/aci.py:400 +msgid "ACI prefix" msgstr "" -#: ipalib/plugins/baseldap.py:57 -msgid "Member of host-groups" +#: ipalib/plugins/aci.py:401 +msgid "" +"Prefix used to distinguish ACI types (permission, delegation, selfservice, " +"none)" msgstr "" -#: ipalib/plugins/baseldap.py:66 -msgid "Roles" +#: ipalib/plugins/aci.py:412 +msgid "ACIs" msgstr "" -#: ipalib/plugins/baseldap.py:69 ipalib/plugins/sudocmdgroup.py:65 -#: ipalib/plugins/sudocmdgroup.py:84 ipalib/plugins/sudorule.py:139 -#: ipalib/plugins/sudorule.py:143 -msgid "Sudo Command Groups" +#: ipalib/plugins/aci.py:417 +msgid "ACI name" msgstr "" -#: ipalib/plugins/baseldap.py:75 -msgid "Granting privilege to roles" +#: ipalib/plugins/aci.py:423 ipalib/plugins/permission.py:109 +msgid "Permission" msgstr "" -#: ipalib/plugins/baseldap.py:78 -msgid "Member netgroups" +#: ipalib/plugins/aci.py:424 +msgid "Permission ACI grants access to" msgstr "" -#: ipalib/plugins/baseldap.py:81 -msgid "Member of netgroups" +#: ipalib/plugins/aci.py:429 ipalib/plugins/delegation.py:134 +msgid "User group" msgstr "" -#: ipalib/plugins/baseldap.py:84 -msgid "Member services" +#: ipalib/plugins/aci.py:430 ipalib/plugins/delegation.py:135 +msgid "User group ACI grants access to" msgstr "" -#: ipalib/plugins/baseldap.py:87 -msgid "Member service groups" +#: ipalib/plugins/aci.py:435 ipalib/plugins/baseldap.py:64 +#: ipalib/plugins/delegation.py:115 ipalib/plugins/permission.py:108 +#: ipalib/plugins/permission.py:119 ipalib/plugins/selfservice.py:88 +msgid "Permissions" msgstr "" -#: ipalib/plugins/baseldap.py:93 -msgid "Member HBAC service groups" +#: ipalib/plugins/aci.py:436 +msgid "" +"comma-separated list of permissions to grant(read, write, add, delete, all)" msgstr "" -#: ipalib/plugins/baseldap.py:102 -msgid "Indirect Member users" +#: ipalib/plugins/aci.py:444 ipalib/plugins/delegation.py:122 +#: ipalib/plugins/permission.py:126 ipalib/plugins/selfservice.py:95 +msgid "Attributes" msgstr "" -#: ipalib/plugins/baseldap.py:105 -msgid "Indirect Member groups" +#: ipalib/plugins/aci.py:445 ipalib/plugins/delegation.py:123 +#: ipalib/plugins/permission.py:127 ipalib/plugins/selfservice.py:96 +msgid "Comma-separated list of attributes" msgstr "" -#: ipalib/plugins/baseldap.py:108 -msgid "Indirect Member hosts" +#: ipalib/plugins/aci.py:451 ipalib/plugins/permission.py:134 +msgid "Type" msgstr "" -#: ipalib/plugins/baseldap.py:111 -msgid "Indirect Member host-groups" +#: ipalib/plugins/aci.py:452 +msgid "type of IPA object (user, group, host, hostgroup, service, netgroup)" msgstr "" -#: ipalib/plugins/baseldap.py:114 -msgid "Indirect Member of roles" +#: ipalib/plugins/aci.py:458 +msgid "Member of" msgstr "" -#: ipalib/plugins/baseldap.py:117 -msgid "Indirect Member permissions" +#: ipalib/plugins/aci.py:459 +msgid "Member of a group" msgstr "" -#: ipalib/plugins/baseldap.py:120 -msgid "Indirect Member HBAC service" +#: ipalib/plugins/aci.py:464 ipalib/plugins/permission.py:147 +msgid "Filter" msgstr "" -#: ipalib/plugins/baseldap.py:123 -msgid "Indirect Member HBAC service group" +#: ipalib/plugins/aci.py:465 ipalib/plugins/permission.py:148 +msgid "Legal LDAP filter (e.g. ou=Engineering)" msgstr "" -#: ipalib/plugins/baseldap.py:126 -msgid "Indirect Member netgroups" +#: ipalib/plugins/aci.py:470 ipalib/plugins/permission.py:153 +msgid "Subtree" msgstr "" -#: ipalib/plugins/baseldap.py:141 -msgid "External host" +#: ipalib/plugins/aci.py:471 +msgid "Subtree to apply ACI to" msgstr "" -#: ipalib/plugins/baseldap.py:144 -msgid "Failed hosts/hostgroups" +#: ipalib/plugins/aci.py:476 ipalib/plugins/permission.py:159 +msgid "Target group" msgstr "" -#: ipalib/plugins/baseldap.py:147 -msgid "Failed users/groups" +#: ipalib/plugins/aci.py:477 +msgid "Group to apply ACI to" msgstr "" -#: ipalib/plugins/baseldap.py:150 -msgid "Failed managedby" +#: ipalib/plugins/aci.py:482 +msgid "Target your own entry (self)" msgstr "" -#: ipalib/plugins/baseldap.py:153 -msgid "Failed to remove" +#: ipalib/plugins/aci.py:483 +msgid "Apply ACI to your own entry (self)" msgstr "" -#: ipalib/plugins/baseldap.py:171 -msgid "" -"\n" -" Given a list of values in the form name=value, return a list of name.\n" -" " +#: ipalib/plugins/aci.py:495 +#, python-format +msgid "Created ACI \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/aci.py:500 +msgid "Test the ACI syntax but don't write anything" +msgstr "" + +#: ipalib/plugins/aci.py:551 +#, python-format +msgid "Deleted ACI \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/aci.py:595 ipalib/plugins/aci.py:843 +#: ipalib/plugins/aci.py:884 ipalib/plugins/delegation.py:250 +#: ipalib/plugins/selfservice.py:207 +msgid "ACI" +msgstr "" + +#: ipalib/plugins/aci.py:601 +#, python-format +msgid "Modified ACI \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/aci.py:666 +#, python-format +msgid "%(count)d ACI matched" +msgid_plural "%(count)d ACIs matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/aci.py:891 +msgid "New ACI name" +msgstr "" + +#: ipalib/plugins/aci.py:895 +#, python-format +msgid "Renamed ACI to \"%(value)s\"" msgstr "" -#: ipalib/plugins/baseldap.py:197 +#: ipalib/plugins/automember.py:28 msgid "" "\n" -" When adding or removing reverse members we are faking an update to\n" -" object A by updating the member attribute in object B. The memberof\n" -" plugin makes this work by adding or removing the memberof attribute\n" -" to/from object A, it just takes a little bit of time.\n" +"Auto Membership Rule.\n" "\n" -" This will loop for 6+ seconds, retrieving object A so we can see\n" -" if all the memberof attributes have been updated.\n" -" " +"Bring clarity to the membership of hosts and users by configuring inclusive\n" +"or exclusive regex paterns, you can automatically assign a new entries into\n" +"a group or hostgroup based upon attribute information.\n" +"\n" +"A rule is directly associated with a group by name, so you cannot create\n" +"a rule without an accompanying group or hostgroup\n" +"\n" +"A condition is a regular expression used by 389-ds to match a new incoming\n" +"entry with an automember rule. If it matches an inclusive rule then the\n" +"entry is added to the appropriate group or hostgroup.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Create the initial group or hostgroup:\n" +" ipa hostgroup-add --desc=\"Web Servers\" webservers\n" +" ipa group-add --desc=\"Developers\" devel\n" +"\n" +" Create the initial rule:\n" +" ipa automember-add --type=hostgroup webservers\n" +" ipa automember-add --type=group devel\n" +"\n" +" Add a condition to the rule:\n" +" ipa automember-add-condition --key=fqdn --type=hostgroup --inclusive-" +"regex=^web[1-9]+\\.example\\.com webservers\n" +" ipa automember-add-condition --key=manager --type=group --inclusive-" +"regex=^uid=mscott devel\n" +"\n" +" Add an exclusive condition to the rule to prevent auto assignment:\n" +" ipa automember-add-condition --key=fqdn --type=hostgroup --exclusive-" +"regex=^web5\\.example\\.com webservers\n" +"\n" +" Add a host:\n" +" ipa host-add web1.example.com\n" +"\n" +" Add a user:\n" +" ipa user-add --first=Tim --last=User --password tuser1 --manager=mscott\n" +"\n" +" Verify automembership:\n" +" ipa hostgroup-show webservers\n" +" Host-group: webservers\n" +" Description: Web Servers\n" +" Member hosts: web1.example.com\n" +"\n" +" ipa group-show devel\n" +" Group name: devel\n" +" Description: Developers\n" +" GID: 1004200000\n" +" Member users: tuser\n" +"\n" +" Remove a condition from the rule:\n" +" ipa automember-remove-condition --key=fqdn --type=hostgroup --inclusive-" +"regex=^web[1-9]+\\.example\\.com webservers\n" +"\n" +" Modify the automember rule:\n" +" ipa automember-mod\n" +"\n" +" Set the default target group:\n" +" ipa automember-default-group-set --default-group=webservers --" +"type=hostgroup\n" +" ipa automember-default-group-set --default-group=ipausers --type=group\n" +"\n" +" Set the default target group:\n" +" ipa automember-default-group-remove --type=hostgroup\n" +" ipa automember-default-group-remove --type=group\n" +"\n" +" Show the default target group:\n" +" ipa automember-default-group-show --type=hostgroup\n" +" ipa automember-default-group-show --type=group\n" +"\n" +" Find all of the automember rules:\n" +" ipa automember-find\n" +"\n" +" Display a automember rule:\n" +" ipa automember-show --type=hostgroup webservers\n" +" ipa automember-show --type=group devel\n" +"\n" +" Delete an automember rule:\n" +" ipa automember-del --type=hostgroup webservers\n" +" ipa automember-del --type=group devel\n" msgstr "" -#: ipalib/plugins/baseldap.py:241 -msgid "" -"\n" -" Object representing a LDAP entry.\n" -" " +#: ipalib/plugins/automember.py:114 ipalib/plugins/automember.py:115 +msgid "Inclusive Regex" msgstr "" -#: ipalib/plugins/baseldap.py:281 -msgid "Entry" +#: ipalib/plugins/automember.py:121 ipalib/plugins/automember.py:122 +msgid "Exclusive Regex" msgstr "" -#: ipalib/plugins/baseldap.py:283 -msgid "container entry (%(container)s) not found" +#: ipalib/plugins/automember.py:127 +msgid "Attribute Key" msgstr "" -#: ipalib/plugins/baseldap.py:284 -msgid "%(parent)s: %(oname)s not found" +#: ipalib/plugins/automember.py:128 +msgid "" +"Attribute to filter via regex. For example fqdn for a host, or manager for a " +"user" msgstr "" -#: ipalib/plugins/baseldap.py:285 -msgid "%(pkey)s: %(oname)s not found" +#: ipalib/plugins/automember.py:135 +msgid "Grouping Type" msgstr "" -#: ipalib/plugins/baseldap.py:286 -msgid "%(oname)s with name \"%(pkey)s\" already exists" +#: ipalib/plugins/automember.py:136 +msgid "Grouping to which the rule applies" msgstr "" -#: ipalib/plugins/baseldap.py:415 -msgid "" -"Add an attribute/value pair. Format is attr=value. The attribute must be " -"part of the schema." +#: ipalib/plugins/automember.py:144 ipalib/plugins/automember.py:145 +msgid "Automember Rule" msgstr "" -#: ipalib/plugins/baseldap.py:420 -msgid "" -"Set an attribute to a name/value pair. Format is attr=value.\n" -"For multi-valued attributes, the command replaces the values already present." +#: ipalib/plugins/automember.py:166 +msgid "Auto Membership Rule" msgstr "" -#: ipalib/plugins/baseldap.py:444 -msgid "" -"\n" -" If the set of objectclasses is limited enforce that only those\n" -" are updated in entry_attrs (plus dn)\n" -"\n" -" allow_only tells us what mode to check in:\n" -"\n" -" If True then we enforce that the attributes must be in the list of\n" -" allowed.\n" -"\n" -" If False then those attributes are not allowed.\n" -" " +#: ipalib/plugins/automember.py:171 ipalib/plugins/automount.py:526 +#: ipalib/plugins/group.py:115 ipalib/plugins/hbacrule.py:181 +#: ipalib/plugins/hbacsvc.py:79 ipalib/plugins/hbacsvcgroup.py:77 +#: ipalib/plugins/host.py:263 ipalib/plugins/hostgroup.py:87 +#: ipalib/plugins/netgroup.py:111 ipalib/plugins/privilege.py:76 +#: ipalib/plugins/role.py:92 ipalib/plugins/sudocmd.py:76 +#: ipalib/plugins/sudocmdgroup.py:78 ipalib/plugins/sudorule.py:103 +msgid "Description" msgstr "" -#: ipalib/plugins/baseldap.py:474 -msgid "" -"\n" -" Callback registration interface\n" -" " +#: ipalib/plugins/automember.py:172 +msgid "A description of this auto member rule" msgstr "" -#: ipalib/plugins/baseldap.py:561 -msgid "" -"\n" -" Create a new entry in LDAP.\n" -" " +#: ipalib/plugins/automember.py:176 ipalib/plugins/automember.py:509 +msgid "Default Group" msgstr "" -#: ipalib/plugins/baseldap.py:703 -msgid "" -"\n" -" Base class for commands that need to retrieve an existing entry.\n" -" " +#: ipalib/plugins/automember.py:177 ipalib/plugins/automember.py:510 +msgid "Default group for entires to land" msgstr "" -#: ipalib/plugins/baseldap.py:727 -msgid "" -"\n" -" Base class for commands that need to retrieve one or more existing " -"entries.\n" -" " +#: ipalib/plugins/automember.py:188 +#, python-format +msgid "Group: %s not found!" msgstr "" -#: ipalib/plugins/baseldap.py:733 -msgid "Continuous mode: Don't stop on errors." +#: ipalib/plugins/automember.py:215 +#, python-format +msgid "%s is not a valid attribute." msgstr "" -#: ipalib/plugins/baseldap.py:750 +#: ipalib/plugins/automember.py:228 msgid "" "\n" -" Retrieve an LDAP entry.\n" +" Add an automember rule.\n" " " msgstr "" -#: ipalib/plugins/baseldap.py:758 ipalib/plugins/baseldap.py:827 -#: ipalib/plugins/internal.py:232 -msgid "Rights" +#: ipalib/plugins/automember.py:233 +#, python-format +msgid "Added automember rule \"%(value)s\"" msgstr "" -#: ipalib/plugins/baseldap.py:759 ipalib/plugins/baseldap.py:828 -msgid "" -"Display the access rights of this entry (requires --all). See ipa man page " -"for details." +#: ipalib/plugins/automember.py:239 +msgid "Auto Membership is not configured" msgstr "" -#: ipalib/plugins/baseldap.py:821 +#: ipalib/plugins/automember.py:252 msgid "" "\n" -" Update an LDAP entry.\n" +" Add conditions to an automember rule.\n" " " msgstr "" -#: ipalib/plugins/baseldap.py:837 -msgid "Rename" +#: ipalib/plugins/automember.py:257 +msgid "Failed to add" msgstr "" -#: ipalib/plugins/baseldap.py:838 -msgid "Rename the %(ldap_obj_name)s object" +#: ipalib/plugins/automember.py:264 +#, python-format +msgid "Added condition(s) to \"%(value)s\"" msgstr "" -#: ipalib/plugins/baseldap.py:957 -msgid "the entry was deleted while being modified" +#: ipalib/plugins/automember.py:273 +msgid "Conditions that could not be added" msgstr "" -#: ipalib/plugins/baseldap.py:988 -msgid "" -"\n" -" Delete an LDAP entry and all of its direct subentries.\n" -" " +#: ipalib/plugins/automember.py:277 +msgid "Number of conditions added" msgstr "" -#: ipalib/plugins/baseldap.py:1078 +#: ipalib/plugins/automember.py:286 ipalib/plugins/automember.py:372 +#, python-format +msgid "Auto member rule: %s not found!" +msgstr "" + +#: ipalib/plugins/automember.py:329 msgid "" "\n" -" Base class for member manipulation.\n" -" " +" Override this so we can add completed and failed to the return " +"result.\n" +" " msgstr "" -#: ipalib/plugins/baseldap.py:1120 +#: ipalib/plugins/automember.py:345 msgid "" "\n" -" Add other LDAP entries to members.\n" +" Remove conditions from an automember rule.\n" " " msgstr "" -#: ipalib/plugins/baseldap.py:1131 ipalib/plugins/baseldap.py:1592 -#: ipalib/plugins/privilege.py:165 ipalib/plugins/privilege.py:191 -#: ipalib/plugins/role.py:179 ipalib/plugins/role.py:203 -msgid "Members that could not be added" +#: ipalib/plugins/automember.py:350 +#, python-format +msgid "Removed condition(s) to \"%(value)s\"" msgstr "" -#: ipalib/plugins/baseldap.py:1135 ipalib/plugins/baseldap.py:1596 -msgid "Number of members added" +#: ipalib/plugins/automember.py:359 +msgid "Conditions that could not be removed" msgstr "" -#: ipalib/plugins/baseldap.py:1226 +#: ipalib/plugins/automember.py:363 +msgid "Number of conditions removed" +msgstr "" + +#: ipalib/plugins/automember.py:418 msgid "" "\n" -" Remove LDAP entries from members.\n" -" " +" Override this so we can set completed and failed.\n" +" " msgstr "" -#: ipalib/plugins/baseldap.py:1236 ipalib/plugins/baseldap.py:1705 -msgid "Members that could not be removed" +#: ipalib/plugins/automember.py:434 +msgid "" +"\n" +" Modify an automember rule.\n" +" " msgstr "" -#: ipalib/plugins/baseldap.py:1240 ipalib/plugins/baseldap.py:1709 -msgid "Number of members removed" +#: ipalib/plugins/automember.py:439 +#, python-format +msgid "Modified automember rule \"%(value)s\"" msgstr "" -#: ipalib/plugins/baseldap.py:1335 +#: ipalib/plugins/automember.py:450 msgid "" "\n" -" Retrieve all LDAP entries matching the given criteria.\n" +" Delete an automember rule.\n" " " msgstr "" -#: ipalib/plugins/baseldap.py:1344 -msgid "Time Limit" -msgstr "" - -#: ipalib/plugins/baseldap.py:1345 -msgid "Time limit of search in seconds" +#: ipalib/plugins/automember.py:455 +#, python-format +msgid "Deleted automember rule \"%(value)s\"" msgstr "" -#: ipalib/plugins/baseldap.py:1351 -msgid "Size Limit" +#: ipalib/plugins/automember.py:466 +msgid "" +"\n" +" Search for automember rules.\n" +" " msgstr "" -#: ipalib/plugins/baseldap.py:1352 -msgid "Maximum number of entries returned" -msgstr "" +#: ipalib/plugins/automember.py:473 +#, python-format +msgid "%(count)d rules matched" +msgid_plural "%(count)d rules matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/baseldap.py:1552 +#: ipalib/plugins/automember.py:486 msgid "" "\n" -" Base class for reverse member manipulation.\n" +" Display information about an automember rule.\n" " " msgstr "" -#: ipalib/plugins/baseldap.py:1574 +#: ipalib/plugins/automember.py:502 msgid "" "\n" -" Add other LDAP entries to members in reverse.\n" -"\n" -" The call looks like \"add A to B\" but in fact executes\n" -" add B to A to handle reverse membership.\n" +" Set default group for all unmatched entries.\n" " " msgstr "" -#: ipalib/plugins/baseldap.py:1654 -msgid "added" +#: ipalib/plugins/automember.py:514 +#, python-format +msgid "Set default group for automember \"%(value)s\"" msgstr "" -#: ipalib/plugins/baseldap.py:1687 +#: ipalib/plugins/automember.py:531 msgid "" "\n" -" Remove other LDAP entries from members in reverse.\n" -"\n" -" The call looks like \"remove A from B\" but in fact executes\n" -" remove B from A to handle reverse membership.\n" +" Remove default group for all unmatched entries.\n" " " msgstr "" -#: ipalib/plugins/baseldap.py:1767 -msgid "removed" +#: ipalib/plugins/automember.py:536 +#, python-format +msgid "Removed default group for automember \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/automember.py:548 +msgid "No default group set" msgstr "" -#: ipalib/plugins/batch.py:21 +#: ipalib/plugins/automember.py:567 msgid "" "\n" -"Plugin to make multiple ipa calls via one remote procedure call\n" +" Display information about the default automember groups.\n" +" " +msgstr "" + +#: ipalib/plugins/automount.py:29 +msgid "" "\n" -"To run this code in the lite-server\n" +"Automount\n" "\n" -"curl -H \"Content-Type:application/json\" -H \"Accept:application/" -"json\" -H \"Accept-Language:en\" --negotiate -u : --cacert /" -"etc/ipa/ca.crt -d @batch_request.json -X POST http://" -"localhost:8888/ipa/json\n" +"Stores automount(8) configuration for autofs(8) in IPA.\n" "\n" -"where the contents of the file batch_request.json follow the below example\n" +"The base of an automount configuration is the configuration file auto." +"master.\n" +"This is also the base location in IPA. Multiple auto.master configurations\n" +"can be stored in separate locations. A location is implementation-specific\n" +"with the default being a location named 'default'. For example, you can " +"have\n" +"locations by geographic region, by floor, by type, etc.\n" "\n" -"{\"method\":\"batch\",\"params\":[[\n" -" {\"method\":\"group_find\",\"params\":[[],{}]},\n" -" {\"method\":\"user_find\",\"params\":[[],{\"whoami\":\"true\",\"all" -"\":\"true\"}]},\n" -" {\"method\":\"user_show\",\"params\":[[\"admin\"],{\"all\":true}]}\n" -" ],{}],\"id\":1}\n" +"Automount has three basic object types: locations, maps and keys.\n" "\n" -"The format of the response is nested the same way. At the top you will see\n" -" \"error\": null,\n" -" \"id\": 1,\n" -" \"result\": {\n" -" \"count\": 3,\n" -" \"results\": [\n" +"A location defines a set of maps anchored in auto.master. This allows you\n" +"to store multiple automount configurations. A location in itself isn't\n" +"very interesting, it is just a point to start a new automount map.\n" "\n" +"A map is roughly equivalent to a discrete automount file and provides\n" +"storage for keys.\n" "\n" -"And then a nested response for each IPA command method sent in the request\n" +"A key is a mount point associated with a map.\n" "\n" -msgstr "" - -#: ipalib/plugins/batch.py:61 -msgid "Nested Methods to execute" -msgstr "" - -#: ipalib/plugins/batch.py:68 ipalib/frontend.py:861 -msgid "Client version. Used to determine if server will accept request." -msgstr "" - -#: ipalib/plugins/cert.py:22 -msgid "" +"When a new location is created, two maps are automatically created for\n" +"it: auto.master and auto.direct. auto.master is the root map for all\n" +"automount maps for the location. auto.direct is the default map for\n" +"direct mounts and is mounted on /-.\n" "\n" -"IPA certificate operations\n" +"EXAMPLES:\n" "\n" -"Implements a set of commands for managing server SSL certificates.\n" +"Locations:\n" "\n" -"Certificate requests exist in the form of a Certificate Signing Request " -"(CSR)\n" -"in PEM format.\n" +" Create a named location, \"Baltimore\":\n" +" ipa automountlocation-add baltimore\n" "\n" -"If using the selfsign back end then the subject in the CSR needs to match\n" -"the subject configured in the server. The dogtag CA uses just the CN\n" -"value of the CSR and forces the rest of the subject.\n" +" Display the new location:\n" +" ipa automountlocation-show baltimore\n" "\n" -"A certificate is stored with a service principal and a service principal\n" -"needs a host.\n" +" Find available locations:\n" +" ipa automountlocation-find\n" "\n" -"In order to request a certificate:\n" +" Remove a named automount location:\n" +" ipa automountlocation-del baltimore\n" "\n" -"* The host must exist\n" -"* The service must exist (or you use the --add option to automatically add " -"it)\n" +" Show what the automount maps would look like if they were in the " +"filesystem:\n" +" ipa automountlocation-tofiles baltimore\n" "\n" -"EXAMPLES:\n" +" Import an existing configuration into a location:\n" +" ipa automountlocation-import baltimore /etc/auto.master\n" "\n" -" Request a new certificate and add the principal:\n" -" ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n" +" The import will fail if any duplicate entries are found. For\n" +" continuous operation where errors are ignored, use the --continue\n" +" option.\n" "\n" -" Retrieve an existing certificate:\n" -" ipa cert-show 1032\n" +"Maps:\n" "\n" -" Revoke a certificate (see RFC 5280 for reason details):\n" -" ipa cert-revoke --revocation-reason=6 1032\n" +" Create a new map, \"auto.share\":\n" +" ipa automountmap-add baltimore auto.share\n" "\n" -" Remove a certificate from revocation hold status:\n" -" ipa cert-remove-hold 1032\n" +" Display the new map:\n" +" ipa automountmap-show baltimore auto.share\n" "\n" -" Check the status of a signing request:\n" -" ipa cert-status 10\n" +" Find maps in the location baltimore:\n" +" ipa automountmap-find baltimore\n" "\n" -"IPA currently immediately issues (or declines) all certificate requests so\n" -"the status of a request is not normally useful. This is for future use\n" -"or the case where a CA does not immediately issue a certificate.\n" +" Remove the auto.share map:\n" +" ipa automountmap-del baltimore auto.share\n" "\n" -"The following revocation reasons are supported:\n" +"Keys:\n" "\n" -" * 0 - unspecified\n" -" * 1 - keyCompromise\n" -" * 2 - cACompromise\n" -" * 3 - affiliationChanged\n" -" * 4 - superseded\n" -" * 5 - cessationOfOperation\n" -" * 6 - certificateHold\n" -" * 8 - removeFromCRL\n" -" * 9 - privilegeWithdrawn\n" -" * 10 - aACompromise\n" +" Create a new key for the auto.share map in location baltimore. This ties\n" +" the map we previously created to auto.master:\n" +" ipa automountkey-add baltimore auto.master --key=/share --info=auto." +"share\n" "\n" -"Note that reason code 7 is not used. See RFC 5280 for more details:\n" +" Create a new key for our auto.share map, an NFS mount for man pages:\n" +" ipa automountkey-add baltimore auto.share --key=man --info=\"-ro,soft," +"rsize=8192,wsize=8192 ipa.example.com:/shared/man\"\n" "\n" -"http://www.ietf.org/rfc/rfc5280.txt\n" +" Find all keys for the auto.share map:\n" +" ipa automountkey-find baltimore auto.share\n" "\n" -msgstr "" - -#: ipalib/plugins/cert.py:104 -msgid "" +" Find all direct automount keys:\n" +" ipa automountkey-find baltimore --key=/-\n" "\n" -" Return the value of CN in the subject of the request or None\n" -" " +" Remove the man key from the auto.share map:\n" +" ipa automountkey-del baltimore auto.share --key=man\n" msgstr "" -#: ipalib/plugins/cert.py:112 -msgid "Failure decoding Certificate Signing Request:" +#: ipalib/plugins/automount.py:191 +msgid "automount location" msgstr "" -#: ipalib/plugins/cert.py:115 -msgid "" -"\n" -" Return the first value of the subject alt name, if any\n" -" " +#: ipalib/plugins/automount.py:192 +msgid "automount locations" msgstr "" -#: ipalib/plugins/cert.py:125 ipalib/plugins/cert.py:137 -msgid "Failure decoding Certificate Signing Request" +#: ipalib/plugins/automount.py:195 +msgid "Automount Locations" msgstr "" -#: ipalib/plugins/cert.py:128 -msgid "" -"\n" -" Ensure the CSR is base64-encoded and can be decoded by our PKCS#10\n" -" parser.\n" -" " +#: ipalib/plugins/automount.py:196 +msgid "Automount Location" msgstr "" -#: ipalib/plugins/cert.py:139 -msgid "Failure decoding Certificate Signing Request: %s" +#: ipalib/plugins/automount.py:201 ipalib/plugins/host.py:273 +msgid "Location" msgstr "" -#: ipalib/plugins/cert.py:142 -msgid "" -"\n" -" Strip any leading and trailing cruft around the BEGIN/END block\n" -" " +#: ipalib/plugins/automount.py:202 +msgid "Automount location name." msgstr "" -#: ipalib/plugins/cert.py:162 -msgid "" -"\n" -" Convert a SN given in decimal or hexadecimal.\n" -" Returns the number or None if conversion fails.\n" -" " +#: ipalib/plugins/automount.py:211 +msgid "Create a new automount location." msgstr "" -#: ipalib/plugins/cert.py:188 -msgid "" -"\n" -" Given a principal with or without a realm return the\n" -" host portion.\n" -" " +#: ipalib/plugins/automount.py:213 +#, python-format +msgid "Added automount location \"%(value)s\"" msgstr "" -#: ipalib/plugins/cert.py:202 -msgid "" -"\n" -" Submit a certificate signing request.\n" -" " +#: ipalib/plugins/automount.py:232 +msgid "Delete an automount location." msgstr "" -#: ipalib/plugins/cert.py:216 ipalib/plugins/service.py:225 -msgid "Principal" +#: ipalib/plugins/automount.py:234 +#, python-format +msgid "Deleted automount location \"%(value)s\"" msgstr "" -#: ipalib/plugins/cert.py:217 -msgid "Service principal for this certificate (e.g. HTTP/test.example.com)" +#: ipalib/plugins/automount.py:240 +msgid "Display an automount location." msgstr "" -#: ipalib/plugins/cert.py:224 -msgid "automatically add the principal if it doesn't exist" +#: ipalib/plugins/automount.py:246 +msgid "Search for an automount location." msgstr "" -#: ipalib/plugins/cert.py:232 ipalib/plugins/cert.py:439 -#: ipalib/plugins/entitle.py:173 ipalib/plugins/host.py:276 -#: ipalib/plugins/service.py:232 -msgid "Certificate" -msgstr "" +#: ipalib/plugins/automount.py:249 +#, python-format +msgid "%(count)d automount location matched" +msgid_plural "%(count)d automount locations matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/cert.py:236 ipalib/plugins/cert.py:442 -#: ipalib/plugins/host.py:159 ipalib/plugins/service.py:93 -msgid "Subject" +#: ipalib/plugins/automount.py:257 +msgid "Generate automount files for a specific location." msgstr "" -#: ipalib/plugins/cert.py:240 ipalib/plugins/cert.py:445 -#: ipalib/plugins/host.py:165 ipalib/plugins/service.py:99 -msgid "Issuer" +#: ipalib/plugins/automount.py:319 +msgid "Import automount files for a specific location." msgstr "" -#: ipalib/plugins/cert.py:244 ipalib/plugins/cert.py:448 -#: ipalib/plugins/host.py:168 ipalib/plugins/service.py:102 -msgid "Not Before" +#: ipalib/plugins/automount.py:323 +msgid "Master file" msgstr "" -#: ipalib/plugins/cert.py:248 ipalib/plugins/cert.py:451 -#: ipalib/plugins/host.py:171 ipalib/plugins/service.py:105 -msgid "Not After" +#: ipalib/plugins/automount.py:324 +msgid "Automount master file." msgstr "" -#: ipalib/plugins/cert.py:252 ipalib/plugins/cert.py:454 -#: ipalib/plugins/host.py:174 ipalib/plugins/service.py:108 -msgid "Fingerprint (MD5)" +#: ipalib/plugins/automount.py:331 +msgid "" +"Continuous operation mode. Errors are reported but the process continues." msgstr "" -#: ipalib/plugins/cert.py:256 ipalib/plugins/cert.py:457 -#: ipalib/plugins/host.py:177 ipalib/plugins/service.py:111 -msgid "Fingerprint (SHA1)" +#: ipalib/plugins/automount.py:343 +#, python-format +msgid "File %(file)s not found" msgstr "" -#: ipalib/plugins/cert.py:260 ipalib/plugins/cert.py:425 -msgid "Serial number" +#: ipalib/plugins/automount.py:512 +msgid "automount map" msgstr "" -#: ipalib/plugins/cert.py:268 ipalib/plugins/entitle.py:230 -#: ipalib/plugins/entitle.py:588 ipalib/plugins/misc.py:57 -msgid "Dictionary mapping variable name to value" +#: ipalib/plugins/automount.py:513 +msgid "automount maps" msgstr "" -#: ipalib/plugins/cert.py:396 -msgid "" -"\n" -" Check the status of a certificate signing request.\n" -" " +#: ipalib/plugins/automount.py:520 +msgid "Map" msgstr "" -#: ipalib/plugins/cert.py:402 -msgid "Request id" +#: ipalib/plugins/automount.py:521 +msgid "Automount map name." msgstr "" -#: ipalib/plugins/cert.py:408 -msgid "Request status" +#: ipalib/plugins/automount.py:530 +msgid "Automount Maps" msgstr "" -#: ipalib/plugins/cert.py:426 -msgid "Serial number in decimal or if prefixed with 0x in hexadecimal" +#: ipalib/plugins/automount.py:531 +msgid "Automount Map" msgstr "" -#: ipalib/plugins/cert.py:431 -msgid "" -"\n" -" Retrieve an existing certificate.\n" -" " +#: ipalib/plugins/automount.py:537 +msgid "Create a new automount map." msgstr "" -#: ipalib/plugins/cert.py:460 ipalib/plugins/host.py:180 -#: ipalib/plugins/service.py:114 -msgid "Revocation reason" +#: ipalib/plugins/automount.py:539 +#, python-format +msgid "Added automount map \"%(value)s\"" msgstr "" -#: ipalib/plugins/cert.py:466 -msgid "Output filename" +#: ipalib/plugins/automount.py:545 +msgid "Delete an automount map." msgstr "" -#: ipalib/plugins/cert.py:467 -msgid "File to store the certificate in." +#: ipalib/plugins/automount.py:547 +#, python-format +msgid "Deleted automount map \"%(value)s\"" msgstr "" -#: ipalib/plugins/cert.py:518 -msgid "" -"\n" -" Revoke a certificate.\n" -" " +#: ipalib/plugins/automount.py:565 +msgid "Modify an automount map." msgstr "" -#: ipalib/plugins/cert.py:526 -msgid "Revoked" +#: ipalib/plugins/automount.py:567 +#, python-format +msgid "Modified automount map \"%(value)s\"" msgstr "" -#: ipalib/plugins/cert.py:534 -msgid "Reason" +#: ipalib/plugins/automount.py:573 +msgid "Search for an automount map." msgstr "" -#: ipalib/plugins/cert.py:535 -msgid "Reason for revoking the certificate (0-10)" -msgstr "" +#: ipalib/plugins/automount.py:576 +#, python-format +msgid "%(count)d automount map matched" +msgid_plural "%(count)d automount maps matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/cert.py:562 -msgid "" -"\n" -" Take a revoked certificate off hold.\n" -" " +#: ipalib/plugins/automount.py:584 +msgid "Display an automount map." msgstr "" -#: ipalib/plugins/cert.py:570 -msgid "Unrevoked" +#: ipalib/plugins/automount.py:590 +msgid "Automount key object." msgstr "" -#: ipalib/plugins/cert.py:573 -msgid "Error" +#: ipalib/plugins/automount.py:594 +msgid "automount key" msgstr "" -#: ipalib/plugins/config.py:20 -msgid "" -"\n" -"Manage the IPA configuration\n" -"\n" -"Manage the default values that IPA uses and some of its tuning parameters.\n" -"\n" -" To show the current configuration:\n" -" ipa config-show\n" -"\n" -" To modify the configuration:\n" -" ipa config-mod --maxusername=99\n" -"\n" -"The available options are:\n" -"\n" -"User management options:\n" -"\n" -" --maxusername=INT Max. username length when creating/modifying a user\n" -" --homedirectory=STR Default location of home directories (default /" -"home)\n" -" --defaultshell=STR Default shell for new users (default /bin/sh)\n" -" --defaultgroup=STR Default group for new users (default ipausers). The\n" -" group must exist, or adding new users will fail.\n" -" --emaildomain=STR Default e-mail domain for new users\n" -"\n" -"Search tuning options. These impact how much data is searched through and\n" -"how many records may be returned on a given search.\n" -"\n" -" --searchtimelimit=INT Max. amount of time (sec.) for a search (> 0, or -1 " -"for\n" -" unlimited)\n" -" --searchrecordslimit=INT Max. number of records to search (-1 is " -"unlimited)\n" -"\n" -"Server Configuration.\n" -"\n" -" --enable-migration=BOOL Enable migration mode\n" -" --pwdexpnotify=INT Password Expiration Notification (days)\n" -"\n" -"The password notification value is stored here so it will be replicated.\n" -"It is not currently used to notify users in advance of an expiring\n" -"password.\n" -"\n" -"Some attributes are read-only, provided only for information purposes. " -"These\n" -"include:\n" -"\n" -"Certificate Subject base: the configured certificate subject base,\n" -" e.g. O=EXAMPLE.COM. This is configurable only at install time.\n" -"Password plug-in features: currently defines additional hashes that the\n" -" password will generate (there may be other conditions).\n" +#: ipalib/plugins/automount.py:595 +msgid "automount keys" msgstr "" -#: ipalib/plugins/config.py:76 -msgid "searchtimelimit must be -1 or > 1." +#: ipalib/plugins/automount.py:606 ipalib/plugins/automount.py:804 +#: ipalib/plugins/automount.py:911 +msgid "Key" msgstr "" -#: ipalib/plugins/config.py:80 -msgid "" -"\n" -" IPA configuration object\n" -" " +#: ipalib/plugins/automount.py:607 ipalib/plugins/automount.py:805 +#: ipalib/plugins/automount.py:912 +msgid "Automount key name." msgstr "" -#: ipalib/plugins/config.py:91 ipalib/plugins/internal.py:151 -msgid "Configuration" +#: ipalib/plugins/automount.py:612 ipalib/plugins/automount.py:809 +#: ipalib/plugins/automount.py:916 +msgid "Mount information" msgstr "" -#: ipalib/plugins/config.py:96 -msgid "Max. username length" +#: ipalib/plugins/automount.py:615 +msgid "description" msgstr "" -#: ipalib/plugins/config.py:101 -msgid "Home directory base" +#: ipalib/plugins/automount.py:624 +msgid "Automount Keys" msgstr "" -#: ipalib/plugins/config.py:102 -msgid "Default location of home directories." +#: ipalib/plugins/automount.py:625 +msgid "Automount Key" msgstr "" -#: ipalib/plugins/config.py:106 -msgid "Default shell" +#: ipalib/plugins/automount.py:626 +#, python-format +msgid "" +"The key,info pair must be unique. A key named %(key)s with info %(info)s " +"already exists" msgstr "" -#: ipalib/plugins/config.py:107 -msgid "Default shell for new users." +#: ipalib/plugins/automount.py:627 +#, python-format +msgid "key named %(key)s already exists" msgstr "" -#: ipalib/plugins/config.py:111 -msgid "Default users group" +#: ipalib/plugins/automount.py:628 +#, python-format +msgid "The automount key %(key)s with info %(info)s does not exist" msgstr "" -#: ipalib/plugins/config.py:112 -msgid "Default group for new users." +#: ipalib/plugins/automount.py:678 +#, python-format +msgid "" +"More than one entry with key %(key)s found, use --info to select specific " +"entry." msgstr "" -#: ipalib/plugins/config.py:116 -msgid "Default e-mail domain for new users" +#: ipalib/plugins/automount.py:736 +msgid "Create a new automount key." msgstr "" -#: ipalib/plugins/config.py:117 -msgid "Default e-mail domain new users." +#: ipalib/plugins/automount.py:738 +#, python-format +msgid "Added automount key \"%(value)s\"" msgstr "" -#: ipalib/plugins/config.py:121 -msgid "Search time limit" +#: ipalib/plugins/automount.py:761 +msgid "Create a new indirect mount point." msgstr "" -#: ipalib/plugins/config.py:122 -msgid "Max. amount of time (sec.) for a search (> 0, or -1 for unlimited)." +#: ipalib/plugins/automount.py:763 +#, python-format +msgid "Added automount indirect map \"%(value)s\"" msgstr "" -#: ipalib/plugins/config.py:127 -msgid "Search size limit" +#: ipalib/plugins/automount.py:768 +msgid "Mount point" msgstr "" -#: ipalib/plugins/config.py:128 -msgid "Max. number of records to search (-1 is unlimited)." +#: ipalib/plugins/automount.py:772 +msgid "Parent map" msgstr "" -#: ipalib/plugins/config.py:133 -msgid "User search fields" +#: ipalib/plugins/automount.py:773 +msgid "Name of parent automount map (default: auto.master)." msgstr "" -#: ipalib/plugins/config.py:134 -msgid "A comma-separated list of fields to search when searching for users." +#: ipalib/plugins/automount.py:797 +msgid "Delete an automount key." msgstr "" -#: ipalib/plugins/config.py:139 -msgid "A comma-separated list of fields to search when searching for groups." +#: ipalib/plugins/automount.py:799 +#, python-format +msgid "Deleted automount key \"%(value)s\"" msgstr "" -#: ipalib/plugins/config.py:143 -msgid "Migration mode" +#: ipalib/plugins/automount.py:839 +msgid "Modify an automount key." msgstr "" -#: ipalib/plugins/config.py:144 -msgid "Enable migration mode." +#: ipalib/plugins/automount.py:841 +#, python-format +msgid "Modified automount key \"%(value)s\"" msgstr "" -#: ipalib/plugins/config.py:148 -msgid "Certificate Subject base" +#: ipalib/plugins/automount.py:846 +msgid "New mount information" msgstr "" -#: ipalib/plugins/config.py:149 -msgid "Base for certificate subjects (OU=Test,O=Example)." +#: ipalib/plugins/automount.py:895 +msgid "Search for an automount key." msgstr "" -#: ipalib/plugins/config.py:154 -msgid "Default group objectclasses" -msgstr "" +#: ipalib/plugins/automount.py:898 +#, python-format +msgid "%(count)d automount key matched" +msgid_plural "%(count)d automount keys matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/config.py:155 -msgid "Default group objectclassses (comma-separated list)." +#: ipalib/plugins/automount.py:906 +msgid "Display an automount key." msgstr "" -#: ipalib/plugins/config.py:159 -msgid "Default user objectclasses" +#: ipalib/plugins/baseldap.py:40 ipalib/plugins/entitle.py:487 +#: ipalib/plugins/migration.py:327 ipalib/plugins/user.py:235 +msgid "Password" msgstr "" -#: ipalib/plugins/config.py:160 -msgid "Default user objectclassses (comma-separated list)." +#: ipalib/plugins/baseldap.py:43 +msgid "Failed members" msgstr "" -#: ipalib/plugins/config.py:164 -msgid "Password Expiration Notification" +#: ipalib/plugins/baseldap.py:46 +msgid "Member users" msgstr "" -#: ipalib/plugins/config.py:165 -msgid "Number of days's notice of impending password expiration." +#: ipalib/plugins/baseldap.py:49 +msgid "Member groups" msgstr "" -#: ipalib/plugins/config.py:170 -msgid "Password plugin features" +#: ipalib/plugins/baseldap.py:52 +msgid "Member of groups" msgstr "" -#: ipalib/plugins/config.py:171 -msgid "Extra hashes to generate in password plug-in." +#: ipalib/plugins/baseldap.py:55 +msgid "Member hosts" msgstr "" -#: ipalib/plugins/config.py:183 -msgid "" -"\n" -" Modify configuration options.\n" -" " +#: ipalib/plugins/baseldap.py:58 +msgid "Member host-groups" msgstr "" -#: ipalib/plugins/config.py:220 -msgid "" -"\n" -" Show the current configuration.\n" -" " +#: ipalib/plugins/baseldap.py:61 +msgid "Member of host-groups" msgstr "" -#: ipalib/plugins/delegation.py:19 -msgid "" -"\n" -"Group to Group Delegation\n" -"\n" -"A permission enables fine-grained delegation of permissions. Access Control\n" -"Rules, or instructions (ACIs), grant permission to permissions to perform\n" -"given tasks such as adding a user, modifying a group, etc.\n" -"\n" -"Group to Group Delegations grants the members of one group to update a set\n" -"of attributes of members of another group.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a delegation rule to allow editors to edit admin's addresses:\n" -" ipa delegation-add --attrs=street --membergroup=admins --group=editors " -"'editors edit admins street'\n" -"\n" -" When managing the list of attributes you need to include all attributes\n" -" in the list, including existing ones. Add postalCode to the list:\n" -" ipa delegation-mod --attrs=street,postalCode --membergroup=admins --" -"group=editors 'editors edit admins street'\n" -"\n" -" Display our updated rule:\n" -" ipa delegation-show 'editors edit admins street'\n" -"\n" -" Delete a rule:\n" -" ipa delegation-del 'editors edit admins street'\n" +#: ipalib/plugins/baseldap.py:70 ipalib/plugins/role.py:81 +msgid "Roles" msgstr "" -#: ipalib/plugins/delegation.py:56 -msgid "" -"\n" -" memberOf is in filter but we want to pull out the group for easier\n" -" displaying.\n" -" " +#: ipalib/plugins/baseldap.py:73 ipalib/plugins/sudocmdgroup.py:66 +#: ipalib/plugins/sudocmdgroup.py:86 +msgid "Sudo Command Groups" msgstr "" -#: ipalib/plugins/delegation.py:63 ipalib/plugins/delegation.py:90 -msgid "Delegation '%(permission)s' not found" +#: ipalib/plugins/baseldap.py:79 +msgid "Granting privilege to roles" msgstr "" -#: ipalib/plugins/delegation.py:70 -msgid "Error retrieving member group %(group)s: %(error)s" +#: ipalib/plugins/baseldap.py:82 +msgid "Member netgroups" msgstr "" -#: ipalib/plugins/delegation.py:79 -msgid "" -"\n" -" Determine if the ACI is a Delegation ACI and raise an exception if it\n" -" isn't.\n" -"\n" -" Return the result if it is a delegation ACI, adding a new attribute\n" -" membergroup.\n" -" " +#: ipalib/plugins/baseldap.py:85 +msgid "Member of netgroups" msgstr "" -#: ipalib/plugins/delegation.py:95 -msgid "" -"\n" -" Delegation object.\n" -" " +#: ipalib/plugins/baseldap.py:88 +msgid "Member services" msgstr "" -#: ipalib/plugins/delegation.py:102 -msgid "Delegation" +#: ipalib/plugins/baseldap.py:91 +msgid "Member service groups" msgstr "" -#: ipalib/plugins/delegation.py:107 ipalib/plugins/delegation.py:108 -msgid "Delegation name" +#: ipalib/plugins/baseldap.py:97 +msgid "Member HBAC service" msgstr "" -#: ipalib/plugins/delegation.py:114 ipalib/plugins/selfservice.py:87 -msgid "" -"Comma-separated list of permissions to grant (read, write). Default is write." +#: ipalib/plugins/baseldap.py:100 +msgid "Member HBAC service groups" msgstr "" -#: ipalib/plugins/delegation.py:125 -msgid "Member user group" +#: ipalib/plugins/baseldap.py:109 +msgid "Indirect Member users" msgstr "" -#: ipalib/plugins/delegation.py:126 -msgid "User group to apply delegation to" +#: ipalib/plugins/baseldap.py:112 +msgid "Indirect Member groups" msgstr "" -#: ipalib/plugins/delegation.py:152 -msgid "" -"\n" -" Add a new delegation.\n" -" " +#: ipalib/plugins/baseldap.py:115 +msgid "Indirect Member hosts" msgstr "" -#: ipalib/plugins/delegation.py:156 -msgid "Added delegation \"%(value)s\"" +#: ipalib/plugins/baseldap.py:118 +msgid "Indirect Member host-groups" msgstr "" -#: ipalib/plugins/delegation.py:176 -msgid "" -"\n" -" Delete a delegation.\n" -" " +#: ipalib/plugins/baseldap.py:121 +msgid "Indirect Member of roles" msgstr "" -#: ipalib/plugins/delegation.py:181 -msgid "Deleted delegation \"%(value)s\"" +#: ipalib/plugins/baseldap.py:124 +msgid "Indirect Member permissions" msgstr "" -#: ipalib/plugins/delegation.py:197 -msgid "" -"\n" -" Modify a delegation.\n" -" " +#: ipalib/plugins/baseldap.py:127 +msgid "Indirect Member HBAC service" msgstr "" -#: ipalib/plugins/delegation.py:201 -msgid "Modified delegation \"%(value)s\"" +#: ipalib/plugins/baseldap.py:130 +msgid "Indirect Member HBAC service group" msgstr "" -#: ipalib/plugins/delegation.py:219 -msgid "" -"\n" -" Search for delegations.\n" -" " +#: ipalib/plugins/baseldap.py:133 +msgid "Indirect Member netgroups" msgstr "" -#: ipalib/plugins/delegation.py:223 -msgid "%(count)d delegation matched" -msgid_plural "%(count)d delegations matched" -msgstr[0] "" -msgstr[1] "" - -#: ipalib/plugins/delegation.py:250 -msgid "" -"\n" -" Display information about a delegation.\n" -" " +#: ipalib/plugins/baseldap.py:148 +msgid "External host" msgstr "" -#: ipalib/plugins/dns.py:20 -msgid "" -"\n" -"Domain Name System (DNS)\n" -"\n" -"Manage DNS zone and resource records.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add new zone:\n" -" ipa dnszone-add example.com --name-server nameserver.example.com\n" -" --admin-email admin@example.com\n" -"\n" -" Add second nameserver for example.com:\n" -" ipa dnsrecord-add example.com @ --ns-rec nameserver2.example.com\n" -"\n" -" Add a mail server for example.com:\n" -" ipa dnsrecord-add example.com @ --mx-rec=\"10 mail2\"\n" -"\n" -" Delete previously added nameserver from example.com:\n" -" ipa dnsrecord-del example.com @ --ns-rec nameserver2.example.com\n" -"\n" -" Add new A record for www.example.com: (random IP)\n" -" ipa dnsrecord-add example.com www --a-rec 80.142.15.2\n" -"\n" -" Add new PTR record for www.example.com\n" -" ipa dnsrecord-add 15.142.80.in-addr.arpa 2 --ptr-rec www.example.com.\n" -"\n" -" Add new SRV records for LDAP servers. Three quarters of the requests\n" -" should go to fast.example.com, one quarter to slow.example.com. If neither\n" -" is available, switch to backup.example.com.\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example." -"com\"\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example." -"com\"\n" -" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup." -"example.com\"\n" -"\n" -" When dnsrecord-add command is executed with no option to add a specific " -"record\n" -" an interactive mode is started. The mode interactively prompts for the " -"most\n" -" typical record types for the respective zone:\n" -" ipa dnsrecord-add example.com www\n" -" [A record]: 1.2.3.4,11.22.33.44 (2 interactively entered random " -"IPs)\n" -" [AAAA record]: (no AAAA address entered)\n" -" Record name: www\n" -" A record: 1.2.3.4, 11.22.33.44\n" -"\n" -" The interactive mode can also be used for deleting the DNS records:\n" -" ipa dnsrecord-del example.com www\n" -" No option to delete specific record provided.\n" -" Delete all? Yes/No (default No): (do not delete all records)\n" -" Current DNS record contents:\n" -"\n" -" A record: 1.2.3.4, 11.22.33.44\n" -"\n" -" Delete A record '1.2.3.4'? Yes/No (default No): \n" -" Delete A record '11.22.33.44'? Yes/No (default No): y\n" -" Record name: www\n" -" A record: 1.2.3.4 (A record 11.22.33.44 has been " -"deleted)\n" -"\n" -" Show zone example.com:\n" -" ipa dnszone-show example.com\n" -"\n" -" Find zone with \"example\" in its domain name:\n" -" ipa dnszone-find example\n" -"\n" -" Find records for resources with \"www\" in their name in zone example.com:\n" -" ipa dnsrecord-find example.com www\n" -"\n" -" Find A records with value 10.10.0.1 in zone example.com\n" -" ipa dnsrecord-find example.com --a-rec 10.10.0.1\n" -"\n" -" Show records for resource www in zone example.com\n" -" ipa dnsrecord-show example.com www\n" -"\n" -" Delete zone example.com with all resource records:\n" -" ipa dnszone-del example.com\n" -"\n" -" Resolve a host name to see if it exists (will add default IPA domain\n" -" if one is not included):\n" -" ipa dns-resolve www.example.com\n" -" ipa dns-resolve www\n" +#: ipalib/plugins/baseldap.py:151 +msgid "Failed source hosts/hostgroups" msgstr "" -#: ipalib/plugins/dns.py:140 -msgid "Generate serial number for zones." +#: ipalib/plugins/baseldap.py:154 +msgid "Failed hosts/hostgroups" msgstr "" -#: ipalib/plugins/dns.py:189 -msgid "see RFC 2915 " +#: ipalib/plugins/baseldap.py:157 +msgid "Failed users/groups" msgstr "" -#: ipalib/plugins/dns.py:249 -msgid "Nameserver '%(host)s' does not have a corresponding A/AAAA record" +#: ipalib/plugins/baseldap.py:160 +msgid "Failed service/service groups" msgstr "" -#: ipalib/plugins/dns.py:272 -msgid "" -"\n" -" DNS Zone, container for resource records.\n" -" " +#: ipalib/plugins/baseldap.py:163 +msgid "Failed managedby" msgstr "" -#: ipalib/plugins/dns.py:284 -msgid "DNS" +#: ipalib/plugins/baseldap.py:166 +msgid "Failed to remove" msgstr "" -#: ipalib/plugins/dns.py:289 -msgid "Zone name" +#: ipalib/plugins/baseldap.py:306 +msgid "entry" msgstr "" -#: ipalib/plugins/dns.py:290 -msgid "Zone name (FQDN)" +#: ipalib/plugins/baseldap.py:307 +msgid "entries" msgstr "" -#: ipalib/plugins/dns.py:296 -msgid "Authoritative nameserver" +#: ipalib/plugins/baseldap.py:339 ipalib/plugins/baseldap.py:340 +msgid "Entry" msgstr "" -#: ipalib/plugins/dns.py:297 -msgid "Authoritative nameserver." +#: ipalib/plugins/baseldap.py:342 +#, python-format +msgid "container entry (%(container)s) not found" msgstr "" -#: ipalib/plugins/dns.py:301 ipalib/plugins/dns.py:302 -msgid "Administrator e-mail address" +#: ipalib/plugins/baseldap.py:343 +#, python-format +msgid "%(parent)s: %(oname)s not found" msgstr "" -#: ipalib/plugins/dns.py:308 -msgid "SOA serial" +#: ipalib/plugins/baseldap.py:344 +#, python-format +msgid "%(pkey)s: %(oname)s not found" msgstr "" -#: ipalib/plugins/dns.py:309 -msgid "SOA record serial number" +#: ipalib/plugins/baseldap.py:345 +#, python-format +msgid "%(oname)s with name \"%(pkey)s\" already exists" msgstr "" -#: ipalib/plugins/dns.py:316 -msgid "SOA refresh" +#: ipalib/plugins/baseldap.py:632 +msgid "" +"Set an attribute to a name/value pair. Format is attr=value.\n" +"For multi-valued attributes, the command replaces the values already present." msgstr "" -#: ipalib/plugins/dns.py:317 -msgid "SOA record refresh time" +#: ipalib/plugins/baseldap.py:638 +msgid "" +"Add an attribute/value pair. Format is attr=value. The attribute\n" +"must be part of the schema." msgstr "" -#: ipalib/plugins/dns.py:324 -msgid "SOA retry" +#: ipalib/plugins/baseldap.py:644 +msgid "" +"Delete an attribute/value pair. The option will be evaluated\n" +"last, after all sets and adds." msgstr "" -#: ipalib/plugins/dns.py:325 -msgid "SOA record retry time" +#: ipalib/plugins/baseldap.py:965 +msgid "Continuous mode: Don't stop on errors." msgstr "" -#: ipalib/plugins/dns.py:332 -msgid "SOA expire" +#: ipalib/plugins/baseldap.py:990 ipalib/plugins/baseldap.py:1062 +#: ipalib/plugins/internal.py:409 +msgid "Rights" msgstr "" -#: ipalib/plugins/dns.py:333 -msgid "SOA record expire time" +#: ipalib/plugins/baseldap.py:991 ipalib/plugins/baseldap.py:1063 +msgid "" +"Display the access rights of this entry (requires --all). See ipa man page " +"for details." msgstr "" -#: ipalib/plugins/dns.py:340 -msgid "SOA minimum" +#: ipalib/plugins/baseldap.py:1072 +msgid "Rename" msgstr "" -#: ipalib/plugins/dns.py:341 -msgid "How long should negative responses be cached" +#: ipalib/plugins/baseldap.py:1073 +#, python-format +msgid "Rename the %(ldap_obj_name)s object" msgstr "" -#: ipalib/plugins/dns.py:349 -msgid "SOA time to live" +#: ipalib/plugins/baseldap.py:1165 +msgid "the entry was deleted while being modified" msgstr "" -#: ipalib/plugins/dns.py:350 -msgid "SOA record time to live" +#: ipalib/plugins/baseldap.py:1290 ipalib/plugins/baseldap.py:1782 +#, python-format +msgid "comma-separated list of %s" msgstr "" -#: ipalib/plugins/dns.py:354 -msgid "SOA class" +#: ipalib/plugins/baseldap.py:1302 +#, python-format +msgid "member %s" msgstr "" -#: ipalib/plugins/dns.py:355 -msgid "SOA record class" +#: ipalib/plugins/baseldap.py:1332 ipalib/plugins/baseldap.py:1807 +#, python-format +msgid "comma-separated list of %s to add" msgstr "" -#: ipalib/plugins/dns.py:360 ipalib/plugins/dns.py:361 -msgid "BIND update policy" +#: ipalib/plugins/baseldap.py:1340 ipalib/plugins/baseldap.py:1819 +#: ipalib/plugins/privilege.py:153 ipalib/plugins/privilege.py:178 +#: ipalib/plugins/role.py:164 ipalib/plugins/role.py:187 +msgid "Members that could not be added" msgstr "" -#: ipalib/plugins/dns.py:365 -msgid "Active zone" +#: ipalib/plugins/baseldap.py:1344 ipalib/plugins/baseldap.py:1823 +msgid "Number of members added" msgstr "" -#: ipalib/plugins/dns.py:366 -msgid "Is zone active?" +#: ipalib/plugins/baseldap.py:1438 ipalib/plugins/baseldap.py:1920 +#, python-format +msgid "comma-separated list of %s to remove" msgstr "" -#: ipalib/plugins/dns.py:372 -msgid "Dynamic update" +#: ipalib/plugins/baseldap.py:1445 ipalib/plugins/baseldap.py:1932 +msgid "Members that could not be removed" msgstr "" -#: ipalib/plugins/dns.py:373 -msgid "Allow dynamic updates." +#: ipalib/plugins/baseldap.py:1449 ipalib/plugins/baseldap.py:1936 +msgid "Number of members removed" msgstr "" -#: ipalib/plugins/dns.py:382 -msgid "" -"\n" -" Create new DNS zone (SOA record).\n" -" " +#: ipalib/plugins/baseldap.py:1548 +#, python-format +msgid "Search for %s with these %s %s." msgstr "" -#: ipalib/plugins/dns.py:387 ipalib/plugins/dns.py:697 -#: ipalib/plugins/host.py:315 ipalib/plugins/service.py:250 -msgid "Force" +#: ipalib/plugins/baseldap.py:1549 +#, python-format +msgid "Search for %s without these %s %s." msgstr "" -#: ipalib/plugins/dns.py:388 -msgid "Force DNS zone creation even if nameserver not in DNS." +#: ipalib/plugins/baseldap.py:1557 +msgid "Time Limit" msgstr "" -#: ipalib/plugins/dns.py:391 -msgid "Add the nameserver to DNS with this IP address" +#: ipalib/plugins/baseldap.py:1558 +msgid "Time limit of search in seconds" msgstr "" -#: ipalib/plugins/dns.py:397 -msgid "DNS is not configured" +#: ipalib/plugins/baseldap.py:1564 +msgid "Size Limit" msgstr "" -#: ipalib/plugins/dns.py:431 -msgid "" -"\n" -" Delete DNS zone (SOA record).\n" -" " +#: ipalib/plugins/baseldap.py:1565 +msgid "Maximum number of entries returned" msgstr "" -#: ipalib/plugins/dns.py:439 -msgid "" -"\n" -" Modify DNS zone (SOA record).\n" -" " +#: ipalib/plugins/baseldap.py:1586 +msgid "Primary key only" msgstr "" -#: ipalib/plugins/dns.py:452 -msgid "" -"\n" -" Search for DNS zones (SOA records).\n" -" " +#: ipalib/plugins/baseldap.py:1587 +#, python-format +msgid "Results should contain primary key attribute only (\"%s\")" msgstr "" -#: ipalib/plugins/dns.py:460 -msgid "" -"\n" -" Display information about a DNS zone (SOA record).\n" -" " +#: ipalib/plugins/baseldap.py:1881 +msgid "added" msgstr "" -#: ipalib/plugins/dns.py:468 -msgid "" -"\n" -" Disable DNS Zone.\n" -" " +#: ipalib/plugins/baseldap.py:1994 +msgid "removed" msgstr "" -#: ipalib/plugins/dns.py:472 -msgid "Disabled DNS zone \"%(value)s\"" +#: ipalib/plugins/batch.py:62 +msgid "Nested Methods to execute" msgstr "" -#: ipalib/plugins/dns.py:490 +#: ipalib/plugins/cert.py:43 msgid "" "\n" -" Enable DNS Zone.\n" -" " +"IPA certificate operations\n" +"\n" +"Implements a set of commands for managing server SSL certificates.\n" +"\n" +"Certificate requests exist in the form of a Certificate Signing Request " +"(CSR)\n" +"in PEM format.\n" +"\n" +"If using the selfsign back end then the subject in the CSR needs to match\n" +"the subject configured in the server. The dogtag CA uses just the CN\n" +"value of the CSR and forces the rest of the subject.\n" +"\n" +"A certificate is stored with a service principal and a service principal\n" +"needs a host.\n" +"\n" +"In order to request a certificate:\n" +"\n" +"* The host must exist\n" +"* The service must exist (or you use the --add option to automatically add " +"it)\n" +"\n" +"EXAMPLES:\n" +"\n" +" Request a new certificate and add the principal:\n" +" ipa cert-request --add --principal=HTTP/lion.example.com example.csr\n" +"\n" +" Retrieve an existing certificate:\n" +" ipa cert-show 1032\n" +"\n" +" Revoke a certificate (see RFC 5280 for reason details):\n" +" ipa cert-revoke --revocation-reason=6 1032\n" +"\n" +" Remove a certificate from revocation hold status:\n" +" ipa cert-remove-hold 1032\n" +"\n" +" Check the status of a signing request:\n" +" ipa cert-status 10\n" +"\n" +"IPA currently immediately issues (or declines) all certificate requests so\n" +"the status of a request is not normally useful. This is for future use\n" +"or the case where a CA does not immediately issue a certificate.\n" +"\n" +"The following revocation reasons are supported:\n" +"\n" +" * 0 - unspecified\n" +" * 1 - keyCompromise\n" +" * 2 - cACompromise\n" +" * 3 - affiliationChanged\n" +" * 4 - superseded\n" +" * 5 - cessationOfOperation\n" +" * 6 - certificateHold\n" +" * 8 - removeFromCRL\n" +" * 9 - privilegeWithdrawn\n" +" * 10 - aACompromise\n" +"\n" +"Note that reason code 7 is not used. See RFC 5280 for more details:\n" +"\n" +"http://www.ietf.org/rfc/rfc5280.txt\n" +"\n" msgstr "" -#: ipalib/plugins/dns.py:494 -msgid "Enabled DNS zone \"%(value)s\"" +#: ipalib/plugins/cert.py:112 +msgid "Failure decoding Certificate Signing Request:" msgstr "" -#: ipalib/plugins/dns.py:512 -msgid "" -"\n" -" DNS record.\n" -" " +#: ipalib/plugins/cert.py:125 ipalib/plugins/cert.py:142 +msgid "Failure decoding Certificate Signing Request" msgstr "" -#: ipalib/plugins/dns.py:522 -msgid "DNS resource record" +#: ipalib/plugins/cert.py:144 +#, python-format +msgid "Failure decoding Certificate Signing Request: %s" msgstr "" -#: ipalib/plugins/dns.py:527 ipalib/plugins/dns.py:528 -msgid "Record name" +#: ipalib/plugins/cert.py:207 +msgid "Submit a certificate signing request." msgstr "" -#: ipalib/plugins/dns.py:533 ipalib/plugins/dns.py:534 -msgid "Time to live" +#: ipalib/plugins/cert.py:211 +msgid "CSR" msgstr "" -#: ipalib/plugins/dns.py:538 -msgid "Class" +#: ipalib/plugins/cert.py:220 ipalib/plugins/service.py:228 +msgid "Principal" msgstr "" -#: ipalib/plugins/dns.py:539 -msgid "DNS class" +#: ipalib/plugins/cert.py:221 +msgid "Service principal for this certificate (e.g. HTTP/test.example.com)" msgstr "" -#: ipalib/plugins/dns.py:566 -msgid "" -"\n" -" Base class for DNS record commands with record options.\n" -" " +#: ipalib/plugins/cert.py:228 +msgid "automatically add the principal if it doesn't exist" msgstr "" -#: ipalib/plugins/dns.py:610 -msgid "" -"\n" -" Base class for adding/removing records from DNS resource entries.\n" -" " +#: ipalib/plugins/cert.py:236 ipalib/plugins/cert.py:439 +#: ipalib/plugins/entitle.py:174 ipalib/plugins/host.py:302 +#: ipalib/plugins/internal.py:318 ipalib/plugins/service.py:235 +msgid "Certificate" msgstr "" -#: ipalib/plugins/dns.py:674 -msgid "" -"\n" -" Add records to DNS resource.\n" -" " +#: ipalib/plugins/cert.py:240 ipalib/plugins/cert.py:442 +#: ipalib/plugins/host.py:175 ipalib/plugins/service.py:94 +msgid "Subject" msgstr "" -#: ipalib/plugins/dns.py:690 -msgid "" -"\n" -" Add new DNS resource record.\n" -" " +#: ipalib/plugins/cert.py:244 ipalib/plugins/cert.py:445 +#: ipalib/plugins/host.py:181 ipalib/plugins/service.py:100 +msgid "Issuer" msgstr "" -#: ipalib/plugins/dns.py:699 -msgid "force NS record creation even if its hostname is not in DNS" +#: ipalib/plugins/cert.py:248 ipalib/plugins/cert.py:448 +#: ipalib/plugins/host.py:184 ipalib/plugins/service.py:103 +msgid "Not Before" msgstr "" -#: ipalib/plugins/dns.py:735 -msgid "" -"Reverse zone for PTR record should be a sub-zone of one the following fully " -"qualified domains: %s" +#: ipalib/plugins/cert.py:252 ipalib/plugins/cert.py:451 +#: ipalib/plugins/host.py:187 ipalib/plugins/service.py:106 +msgid "Not After" msgstr "" -#: ipalib/plugins/dns.py:740 -msgid "Reverse zone %s requires exactly %d IP address components, %d given" +#: ipalib/plugins/cert.py:256 ipalib/plugins/cert.py:454 +#: ipalib/plugins/host.py:190 ipalib/plugins/service.py:109 +msgid "Fingerprint (MD5)" msgstr "" -#: ipalib/plugins/dns.py:746 -msgid "PTR record '%s' is not fully qualified (check traling '.')" +#: ipalib/plugins/cert.py:260 ipalib/plugins/cert.py:457 +#: ipalib/plugins/host.py:193 ipalib/plugins/service.py:112 +msgid "Fingerprint (SHA1)" msgstr "" -#: ipalib/plugins/dns.py:789 -msgid "" -"\n" -" Delete DNS record entry.\n" -" " +#: ipalib/plugins/cert.py:264 ipalib/plugins/cert.py:427 +msgid "Serial number" msgstr "" -#: ipalib/plugins/dns.py:792 -msgid "Deleted record \"%(value)s\"" +#: ipalib/plugins/cert.py:272 ipalib/plugins/entitle.py:230 +#: ipalib/plugins/entitle.py:583 ipalib/plugins/misc.py:57 +msgid "Dictionary mapping variable name to value" msgstr "" -#: ipalib/plugins/dns.py:799 -msgid "" -"\n" -" Delete DNS resource record.\n" -" " +#: ipalib/plugins/cert.py:400 +msgid "Check the status of a certificate signing request." msgstr "" -#: ipalib/plugins/dns.py:802 -msgid "" -"Neither --del-all nor options to delete a specific record provided.\n" -"Command help may be consulted for all supported record types." +#: ipalib/plugins/cert.py:404 +msgid "Request id" msgstr "" -#: ipalib/plugins/dns.py:807 -msgid "Delete all associated records" +#: ipalib/plugins/cert.py:410 +msgid "Request status" msgstr "" -#: ipalib/plugins/dns.py:834 -msgid "No option to delete specific record provided." +#: ipalib/plugins/cert.py:428 +msgid "Serial number in decimal or if prefixed with 0x in hexadecimal" msgstr "" -#: ipalib/plugins/dns.py:835 -msgid "Delete all?" +#: ipalib/plugins/cert.py:433 +msgid "Retrieve an existing certificate." msgstr "" -#: ipalib/plugins/dns.py:845 -msgid "Current DNS record contents:\n" +#: ipalib/plugins/cert.py:460 ipalib/plugins/host.py:196 +#: ipalib/plugins/service.py:115 +msgid "Revocation reason" msgstr "" -#: ipalib/plugins/dns.py:875 -msgid "%s record with value %s not found" +#: ipalib/plugins/cert.py:466 +msgid "Output filename" msgstr "" -#: ipalib/plugins/dns.py:889 -msgid "" -"\n" -" Display DNS resource.\n" -" " +#: ipalib/plugins/cert.py:467 +msgid "File to store the certificate in." msgstr "" -#: ipalib/plugins/dns.py:905 -msgid "" -"\n" -" Search for DNS resources.\n" -" " +#: ipalib/plugins/cert.py:518 +msgid "Revoke a certificate." msgstr "" -#: ipalib/plugins/dns.py:932 -msgid "" -"\n" -" Resolve a host name in DNS\n" -" " +#: ipalib/plugins/cert.py:524 +msgid "Revoked" msgstr "" -#: ipalib/plugins/dns.py:936 -msgid "Found '%(value)s'" +#: ipalib/plugins/cert.py:532 +msgid "Reason" msgstr "" -#: ipalib/plugins/dns.py:940 -msgid "Hostname" +#: ipalib/plugins/cert.py:533 +msgid "Reason for revoking the certificate (0-10)" msgstr "" -#: ipalib/plugins/dns.py:962 -msgid "Host '%(host)s' not found" +#: ipalib/plugins/cert.py:554 +msgid "7 is not a valid revocation reason" msgstr "" -#: ipalib/plugins/dns.py:970 -msgid "" -"\n" -" Checks if any of the servers has the DNS service enabled.\n" -" " +#: ipalib/plugins/cert.py:563 +msgid "Take a revoked certificate off hold." +msgstr "" + +#: ipalib/plugins/cert.py:569 +msgid "Unrevoked" +msgstr "" + +#: ipalib/plugins/cert.py:572 ipalib/plugins/internal.py:225 +msgid "Error" msgstr "" -#: ipalib/plugins/entitle.py:19 +#: ipalib/plugins/config.py:31 msgid "" "\n" -"Entitlements\n" +"Server configuration\n" "\n" -"Manage entitlements for client machines\n" +"Manage the default values that IPA uses and some of its tuning parameters.\n" "\n" -"Entitlements can be managed either by registering with an entitlement\n" -"server with a username and password or by manually importing entitlement\n" -"certificates. An entitlement certificate contains embedded information\n" -"such as the product being entitled, the quantity and the validity dates.\n" +"NOTES:\n" "\n" -"An entitlement server manages the number of client entitlements available.\n" -"To mark these entitlements as used by the IPA server you provide a quantity\n" -"and they are marked as consumed on the entitlement server.\n" +"The password notification value (--pwdexpnotify) is stored here so it will\n" +"be replicated. It is not currently used to notify users in advance of an\n" +"expiring password.\n" "\n" -" Register with an entitlement server:\n" -" ipa entitle-register consumer\n" +"Some attributes are read-only, provided only for information purposes. " +"These\n" +"include:\n" "\n" -" Import an entitlement certificate:\n" -" ipa entitle-import /home/user/ipaclient.pem\n" +"Certificate Subject base: the configured certificate subject base,\n" +" e.g. O=EXAMPLE.COM. This is configurable only at install time.\n" +"Password plug-in features: currently defines additional hashes that the\n" +" password will generate (there may be other conditions).\n" "\n" -" Display current entitlements:\n" -" ipa entitle-status\n" +"EXAMPLES:\n" "\n" -" Retrieve details on entitlement certificates:\n" -" ipa entitle-get\n" +" Show basic server configuration:\n" +" ipa config-show\n" "\n" -" Consume some entitlements from the entitlement server:\n" -" ipa entitle-consume 50\n" +" Show all configuration options:\n" +" ipa config-show --all\n" "\n" -"The registration ID is a Unique Identifier (UUID). This ID will be\n" -"IMPORTED if you have used entitle-import.\n" +" Change maximum username length to 99 characters:\n" +" ipa config-mod --maxusername=99\n" "\n" -"Changes to /etc/rhsm/rhsm.conf require a restart of the httpd service.\n" +" Increase default time and size limits for maximum IPA server search:\n" +" ipa config-mod --searchtimelimit=10 --searchrecordslimit=2000\n" +"\n" +" Set default user e-mail domain:\n" +" ipa config-mod --emaildomain=example.com\n" +"\n" +" Enable migration mode to make \"ipa migrate-ds\" command operational:\n" +" ipa config-mod --enable-migration=TRUE\n" msgstr "" -#: ipalib/plugins/entitle.py:106 -msgid "" -"\n" -" Get our entitlement pool. Assume there is only one pool.\n" -" " +#: ipalib/plugins/config.py:73 +msgid "searchtimelimit must be -1 or > 1." msgstr "" -#: ipalib/plugins/entitle.py:129 -msgid "" -"\n" -" Retrieve our UUID, certificate and key from LDAP.\n" -"\n" -" Except on error the caller is responsible for removing temporary files\n" -" " +#: ipalib/plugins/config.py:80 +msgid "configuration options" msgstr "" -#: ipalib/plugins/entitle.py:178 -msgid "" -"\n" -" Entitlement object\n" -" " +#: ipalib/plugins/config.py:89 ipalib/plugins/config.py:90 +msgid "Configuration" msgstr "" -#: ipalib/plugins/entitle.py:189 -msgid "Entitlements" +#: ipalib/plugins/config.py:95 +msgid "Maximum username length" msgstr "" -#: ipalib/plugins/entitle.py:206 -msgid "" -"\n" -" Display current entitlements\n" -" " +#: ipalib/plugins/config.py:100 +msgid "Home directory base" msgstr "" -#: ipalib/plugins/entitle.py:214 ipalib/plugins/entitle.py:602 -msgid "UUID" +#: ipalib/plugins/config.py:101 +msgid "Default location of home directories" msgstr "" -#: ipalib/plugins/entitle.py:217 ipalib/plugins/entitle.py:306 -#: ipalib/plugins/entitle.py:388 ipalib/plugins/entitle.py:575 -#: ipalib/plugins/entitle.py:690 -msgid "Product" +#: ipalib/plugins/config.py:105 +msgid "Default shell" msgstr "" -#: ipalib/plugins/entitle.py:220 ipalib/plugins/entitle.py:286 -#: ipalib/plugins/entitle.py:296 ipalib/plugins/entitle.py:391 -#: ipalib/plugins/entitle.py:578 ipalib/plugins/entitle.py:680 -msgid "Quantity" +#: ipalib/plugins/config.py:106 +msgid "Default shell for new users" msgstr "" -#: ipalib/plugins/entitle.py:223 ipalib/plugins/entitle.py:309 -#: ipalib/plugins/entitle.py:581 ipalib/plugins/entitle.py:693 -msgid "Consumed" +#: ipalib/plugins/config.py:110 +msgid "Default users group" msgstr "" -#: ipalib/plugins/entitle.py:276 -msgid "" -"\n" -" Consume an entitlement\n" -" " +#: ipalib/plugins/config.py:111 +msgid "Default group for new users" msgstr "" -#: ipalib/plugins/entitle.py:282 -msgid "Consumed %(value)s entitlement(s)." +#: ipalib/plugins/config.py:115 ipalib/plugins/config.py:116 +msgid "Default e-mail domain" msgstr "" -#: ipalib/plugins/entitle.py:314 -msgid "" -"\n" -" Override this so we can set value to the number of entitlements\n" -" consumed.\n" -" " +#: ipalib/plugins/config.py:120 +msgid "Search time limit" msgstr "" -#: ipalib/plugins/entitle.py:362 ipalib/plugins/entitle.py:724 +#: ipalib/plugins/config.py:121 msgid "" -"\n" -" Returning the certificates isn't very interesting. Return the\n" -" status of entitlements instead.\n" -" " +"Maximum amount of time (seconds) for a search (> 0, or -1 for unlimited)" msgstr "" -#: ipalib/plugins/entitle.py:380 -msgid "" -"\n" -" Retrieve the entitlement certs\n" -" " +#: ipalib/plugins/config.py:126 +msgid "Search size limit" msgstr "" -#: ipalib/plugins/entitle.py:394 -msgid "Start" +#: ipalib/plugins/config.py:127 +msgid "Maximum number of records to search (-1 is unlimited)" msgstr "" -#: ipalib/plugins/entitle.py:397 -msgid "End" +#: ipalib/plugins/config.py:132 +msgid "User search fields" msgstr "" -#: ipalib/plugins/entitle.py:400 ipalib/plugins/host.py:162 -#: ipalib/plugins/internal.py:132 ipalib/plugins/service.py:96 -msgid "Serial Number" +#: ipalib/plugins/config.py:133 +msgid "A comma-separated list of fields to search in when searching for users" msgstr "" -#: ipalib/plugins/entitle.py:435 ipalib/plugins/entitle.py:626 -#: ipalib/plugins/entitle.py:628 -msgid "Not an entitlement certificate" +#: ipalib/plugins/config.py:138 +msgid "A comma-separated list of fields to search in when searching for groups" msgstr "" -#: ipalib/plugins/entitle.py:460 -msgid "" -"\n" -" Search for entitlement accounts.\n" -" " +#: ipalib/plugins/config.py:142 ipalib/plugins/config.py:143 +msgid "Enable migration mode" msgstr "" -#: ipalib/plugins/entitle.py:473 -msgid "" -"\n" -" Register to the entitlement system\n" -" " +#: ipalib/plugins/config.py:147 +msgid "Certificate Subject base" msgstr "" -#: ipalib/plugins/entitle.py:479 -msgid "Registered to entitlement server." +#: ipalib/plugins/config.py:148 +msgid "Base for certificate subjects (OU=Test,O=Example)" msgstr "" -#: ipalib/plugins/entitle.py:483 -msgid "Username" +#: ipalib/plugins/config.py:153 +msgid "Default group objectclasses" msgstr "" -#: ipalib/plugins/entitle.py:490 ipalib/plugins/entitle.py:603 -msgid "Enrollment UUID" +#: ipalib/plugins/config.py:154 +msgid "Default group objectclasses (comma-separated list)" msgstr "" -#: ipalib/plugins/entitle.py:494 ipalib/plugins/migration.py:271 -#: ipalib/plugins/passwd.py:59 ipalib/plugins/user.py:172 -msgid "Password" +#: ipalib/plugins/config.py:159 +msgid "Default user objectclasses" msgstr "" -#: ipalib/plugins/entitle.py:495 -msgid "Registration password" +#: ipalib/plugins/config.py:160 +msgid "Default user objectclasses (comma-separated list)" msgstr "" -#: ipalib/plugins/entitle.py:569 -msgid "" -"\n" -" Import an entitlement certificate.\n" -" " +#: ipalib/plugins/config.py:165 +msgid "Password Expiration Notification (days)" msgstr "" -#: ipalib/plugins/entitle.py:646 -msgid "" -"\n" -" If we are adding the first entry there are no updates so " -"EmptyModlist\n" -" will get thrown. Ignore it.\n" -" " +#: ipalib/plugins/config.py:166 +msgid "Number of days's notice of impending password expiration" msgstr "" -#: ipalib/plugins/entitle.py:667 -msgid "" -"\n" -" Re-sync the local entitlement cache with the entitlement server\n" -" " +#: ipalib/plugins/config.py:171 +msgid "Password plugin features" msgstr "" -#: ipalib/plugins/entitle.py:673 -msgid "Entitlement(s) synchronized." +#: ipalib/plugins/config.py:172 +msgid "Extra hashes to generate in password plug-in" +msgstr "" + +#: ipalib/plugins/config.py:184 +msgid "Modify configuration options." +msgstr "" + +#: ipalib/plugins/config.py:192 +msgid "The group doesn't exist" +msgstr "" + +#: ipalib/plugins/config.py:207 +#, python-format +msgid "attribute \"%s\" not allowed" +msgstr "" + +#: ipalib/plugins/config.py:215 +msgid "May not be empty" +msgstr "" + +#: ipalib/plugins/config.py:228 +#, python-format +msgid "%s default attribute %s would not be allowed!" +msgstr "" + +#: ipalib/plugins/config.py:237 +msgid "Show the current configuration." msgstr "" -#: ipalib/plugins/group.py:20 +#: ipalib/plugins/delegation.py:28 msgid "" "\n" -"Groups of users\n" -"\n" -"Manage groups of users. By default, new groups are POSIX groups. You\n" -"can add the --nonposix option to the group-add command to mark a new group\n" -"as non-POSIX, and you can use the same argument to the group-mod command\n" -"to convert a non-POSIX group to a POSIX group. POSIX groups cannot be\n" -"converted to non-POSIX groups.\n" +"Group to Group Delegation\n" "\n" -"Every group must have a description.\n" +"A permission enables fine-grained delegation of permissions. Access Control\n" +"Rules, or instructions (ACIs), grant permission to permissions to perform\n" +"given tasks such as adding a user, modifying a group, etc.\n" "\n" -"POSIX groups must have a Group ID (GID) number. Changing a GID is\n" -"supported but can have an impact on your file permissions. It is not " -"necessary\n" -"to supply a GID when creating a group. IPA will generate one automatically\n" -"if it is not provided.\n" +"Group to Group Delegations grants the members of one group to update a set\n" +"of attributes of members of another group.\n" "\n" "EXAMPLES:\n" "\n" -" Add a new group:\n" -" ipa group-add --desc='local administrators' localadmins\n" -"\n" -" Add a new non-POSIX group:\n" -" ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" -"\n" -" Convert a non-POSIX group to posix:\n" -" ipa group-mod --posix remoteadmins\n" -"\n" -" Add a new POSIX group with a specific Group ID number:\n" -" ipa group-add --gid=500 --desc='unix admins' unixadmins\n" -"\n" -" Add a new POSIX group and let IPA assign a Group ID number:\n" -" ipa group-add --desc='printer admins' printeradmins\n" -"\n" -" Remove a group:\n" -" ipa group-del unixadmins\n" -"\n" -" To add the \"remoteadmins\" group to the \"localadmins\" group:\n" -" ipa group-add-member --groups=remoteadmins localadmins\n" +" Add a delegation rule to allow managers to edit employee's addresses:\n" +" ipa delegation-add --attrs=street --membergroup=managers --" +"group=employees \"managers edit employees' street\"\n" "\n" -" Add a list of users to the \"localadmins\" group:\n" -" ipa group-add-member --users=test1,test2 localadmins\n" +" When managing the list of attributes you need to include all attributes\n" +" in the list, including existing ones. Add postalCode to the list:\n" +" ipa delegation-mod --attrs=street,postalCode --membergroup=managers --" +"group=employees \"managers edit employees' street\"\n" "\n" -" Remove a user from the \"localadmins\" group:\n" -" ipa group-remove-member --users=test2 localadmins\n" +" Display our updated rule:\n" +" ipa delegation-show \"managers edit employees' street\"\n" "\n" -" Display information about a named group.\n" -" ipa group-show localadmins\n" +" Delete a rule:\n" +" ipa delegation-del \"managers edit employees' street\"\n" msgstr "" -#: ipalib/plugins/group.py:76 -msgid "" -"\n" -" Group object.\n" -" " +#: ipalib/plugins/delegation.py:64 ipalib/plugins/delegation.py:91 +#, python-format +msgid "Delegation '%(permission)s' not found" msgstr "" -#: ipalib/plugins/group.py:100 -msgid "User Groups" +#: ipalib/plugins/delegation.py:71 +#, python-format +msgid "Error retrieving member group %(group)s: %(error)s" msgstr "" -#: ipalib/plugins/group.py:108 -msgid "Group name" +#: ipalib/plugins/delegation.py:101 +msgid "delegation" msgstr "" -#: ipalib/plugins/group.py:115 ipalib/plugins/sudocmdgroup.py:77 -msgid "Group description" +#: ipalib/plugins/delegation.py:102 +msgid "delegations" msgstr "" -#: ipalib/plugins/group.py:119 ipalib/plugins/user.py:187 -msgid "GID" +#: ipalib/plugins/delegation.py:103 +msgid "Delegations" msgstr "" -#: ipalib/plugins/group.py:120 -msgid "GID (use this option to set it manually)" +#: ipalib/plugins/delegation.py:104 +msgid "Delegation" msgstr "" -#: ipalib/plugins/group.py:128 +#: ipalib/plugins/delegation.py:109 ipalib/plugins/delegation.py:110 +msgid "Delegation name" +msgstr "" + +#: ipalib/plugins/delegation.py:116 ipalib/plugins/selfservice.py:89 msgid "" -"\n" -" Create a new group.\n" -" " +"Comma-separated list of permissions to grant (read, write). Default is write." msgstr "" -#: ipalib/plugins/group.py:132 -msgid "Added group \"%(value)s\"" +#: ipalib/plugins/delegation.py:129 +msgid "Member user group" msgstr "" -#: ipalib/plugins/group.py:137 -msgid "Create as a non-POSIX group" +#: ipalib/plugins/delegation.py:130 +msgid "User group to apply delegation to" msgstr "" -#: ipalib/plugins/group.py:154 -msgid "" -"\n" -" Delete group.\n" -" " +#: ipalib/plugins/delegation.py:156 +msgid "Add a new delegation." msgstr "" -#: ipalib/plugins/group.py:158 -msgid "Deleted group \"%(value)s\"" +#: ipalib/plugins/delegation.py:158 +#, python-format +msgid "Added delegation \"%(value)s\"" msgstr "" -#: ipalib/plugins/group.py:186 -msgid "" -"\n" -" Modify a group.\n" -" " +#: ipalib/plugins/delegation.py:178 +msgid "Delete a delegation." msgstr "" -#: ipalib/plugins/group.py:189 -msgid "Modified group \"%(value)s\"" +#: ipalib/plugins/delegation.py:181 +#, python-format +msgid "Deleted delegation \"%(value)s\"" msgstr "" -#: ipalib/plugins/group.py:194 -msgid "change to a POSIX group" +#: ipalib/plugins/delegation.py:197 +msgid "Modify a delegation." msgstr "" -#: ipalib/plugins/group.py:215 -msgid "" -"\n" -" Search for groups.\n" -" " +#: ipalib/plugins/delegation.py:199 +#, python-format +msgid "Modified delegation \"%(value)s\"" msgstr "" -#: ipalib/plugins/group.py:220 -msgid "%(count)d group matched" -msgid_plural "%(count)d groups matched" +#: ipalib/plugins/delegation.py:217 +msgid "Search for delegations." +msgstr "" + +#: ipalib/plugins/delegation.py:220 +#, python-format +msgid "%(count)d delegation matched" +msgid_plural "%(count)d delegations matched" msgstr[0] "" msgstr[1] "" -#: ipalib/plugins/group.py:227 ipalib/plugins/netgroup.py:192 -msgid "search for private groups" +#: ipalib/plugins/delegation.py:246 +msgid "Display information about a delegation." msgstr "" -#: ipalib/plugins/group.py:257 +#: ipalib/plugins/dns.py:35 msgid "" "\n" -" Display information about a named group.\n" -" " +"Domain Name System (DNS)\n" +"\n" +"Manage DNS zone and resource records.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add new zone:\n" +" ipa dnszone-add example.com --name-server nameserver.example.com\n" +" --admin-email admin@example.com\n" +"\n" +" Modify the zone to allow dynamic updates for hosts own records in realm " +"EXAMPLE.COM:\n" +" ipa dnszone-mod example.com --dynamic-update=TRUE \\\n" +" --update-policy=\"grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM " +"krb5-self * AAAA;\"\n" +"\n" +" Add new reverse zone specified by network IP address:\n" +" ipa dnszone-add --name-from-ip 80.142.15.0/24\n" +" --name-server nameserver.example.com\n" +"\n" +" Add second nameserver for example.com:\n" +" ipa dnsrecord-add example.com @ --ns-rec nameserver2.example.com\n" +"\n" +" Add a mail server for example.com:\n" +" ipa dnsrecord-add example.com @ --mx-rec=\"10 mail2\"\n" +"\n" +" Delete previously added nameserver from example.com:\n" +" ipa dnsrecord-del example.com @ --ns-rec nameserver2.example.com\n" +"\n" +" Add LOC record for example.com:\n" +" ipa dnsrecord-add example.com @ --loc-rec \"49 11 42.4 N 16 36 29.6 E " +"227.64m\"\n" +"\n" +" Add new A record for www.example.com: (random IP)\n" +" ipa dnsrecord-add example.com www --a-rec 80.142.15.2\n" +"\n" +" Add new PTR record for www.example.com\n" +" ipa dnsrecord-add 15.142.80.in-addr.arpa. 2 --ptr-rec www.example.com.\n" +"\n" +" Add new SRV records for LDAP servers. Three quarters of the requests\n" +" should go to fast.example.com, one quarter to slow.example.com. If neither\n" +" is available, switch to backup.example.com.\n" +" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 3 389 fast.example." +"com\"\n" +" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"0 1 389 slow.example." +"com\"\n" +" ipa dnsrecord-add example.com _ldap._tcp --srv-rec=\"1 1 389 backup." +"example.com\"\n" +"\n" +" When dnsrecord-add command is executed with no option to add a specific " +"record\n" +" an interactive mode is started. The mode interactively prompts for the " +"most\n" +" typical record types for the respective zone:\n" +" ipa dnsrecord-add example.com www\n" +" [A record]: 1.2.3.4,11.22.33.44 (2 interactively entered random " +"IPs)\n" +" [AAAA record]: (no AAAA address entered)\n" +" Record name: www\n" +" A record: 1.2.3.4, 11.22.33.44\n" +"\n" +" The interactive mode can also be used for deleting the DNS records:\n" +" ipa dnsrecord-del example.com www\n" +" No option to delete specific record provided.\n" +" Delete all? Yes/No (default No): (do not delete all records)\n" +" Current DNS record contents:\n" +"\n" +" A record: 1.2.3.4, 11.22.33.44\n" +"\n" +" Delete A record '1.2.3.4'? Yes/No (default No):\n" +" Delete A record '11.22.33.44'? Yes/No (default No): y\n" +" Record name: www\n" +" A record: 1.2.3.4 (A record 11.22.33.44 has been " +"deleted)\n" +"\n" +" Show zone example.com:\n" +" ipa dnszone-show example.com\n" +"\n" +" Find zone with \"example\" in its domain name:\n" +" ipa dnszone-find example\n" +"\n" +" Find records for resources with \"www\" in their name in zone example.com:\n" +" ipa dnsrecord-find example.com www\n" +"\n" +" Find A records with value 10.10.0.1 in zone example.com\n" +" ipa dnsrecord-find example.com --a-rec 10.10.0.1\n" +"\n" +" Show records for resource www in zone example.com\n" +" ipa dnsrecord-show example.com www\n" +"\n" +" Delete zone example.com with all resource records:\n" +" ipa dnszone-del example.com\n" +"\n" +" Resolve a host name to see if it exists (will add default IPA domain\n" +" if one is not included):\n" +" ipa dns-resolve www.example.com\n" +" ipa dns-resolve www\n" msgstr "" -#: ipalib/plugins/group.py:265 -msgid "" -"\n" -" Add members to a group.\n" -" " +#: ipalib/plugins/dns.py:173 +msgid "invalid IP address format" +msgstr "" + +#: ipalib/plugins/dns.py:180 +msgid "invalid IP network format" +msgstr "" + +#: ipalib/plugins/dns.py:188 +msgid "format must be specified as \"priority weight port target\"" msgstr "" -#: ipalib/plugins/group.py:273 +#: ipalib/plugins/dns.py:195 msgid "" -"\n" -" Remove members from a group.\n" -" " +"format must be specified as \"priority weight port target\" (see RFC 2782 " +"for details)" msgstr "" -#: ipalib/plugins/group.py:281 +#: ipalib/plugins/dns.py:205 msgid "" -"\n" -" Detach a managed group from a user\n" -" " +"format must be specified as \"priority mailserver\" (see RFC 1035 for " +"details)" msgstr "" -#: ipalib/plugins/group.py:285 -msgid "Detached group \"%(value)s\" from user \"%(value)s\"" +#: ipalib/plugins/dns.py:211 +msgid "the value of priority must be integer" +msgstr "" + +#: ipalib/plugins/dns.py:214 +msgid "the value of priority must be between 0 and 65535" msgstr "" -#: ipalib/plugins/group.py:288 +#: ipalib/plugins/dns.py:223 msgid "" -"\n" -" This requires updating both the user and the group. We first need " -"to\n" -" verify that both the user and group can be updated, then we go\n" -" about our work. We don't want a situation where only the user or\n" -" group can be modified and we're left in a bad state.\n" -" " +"format must be specified as \"order preference flags service regexp " +"replacement\" (see RFC 2915 for details)" msgstr "" -#: ipalib/plugins/group.py:306 -msgid "not allowed to modify user entries" +#: ipalib/plugins/dns.py:230 +msgid "order and preference must be integers" msgstr "" -#: ipalib/plugins/group.py:312 -msgid "not allowed to modify group entries" +#: ipalib/plugins/dns.py:233 +msgid "the value of order and preference must be between 0 and 65535" msgstr "" -#: ipalib/plugins/group.py:331 -msgid "Not a managed group" +#: ipalib/plugins/dns.py:238 +msgid "flag must be a single character (quotation is allowed)" msgstr "" -#: ipalib/plugins/hbacrule.py:19 -msgid "" -"\n" -"Host-based access control\n" -"\n" -"Control who can access what services on what hosts and from where. You\n" -"can use HBAC to control which users or groups on a source host can\n" -"access a service, or group of services, on a target host.\n" -"\n" -"You can also specify a category of users, target hosts, and source\n" -"hosts. This is currently limited to \"all\", but might be expanded in the\n" -"future.\n" -"\n" -"Target hosts and source hosts in HBAC rules must be hosts managed by IPA.\n" -"\n" -"The available services and groups of services are controlled by the\n" -"hbacsvc and hbacsvcgroup plug-ins respectively.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Create a rule, \"test1\", that grants all users access to the host \"server" -"\" from\n" -" anywhere:\n" -" ipa hbacrule-add --type=allow --usercat=all --srchostcat=all test1\n" -" ipa hbacrule-add-host --hosts=server.example.com test1\n" -"\n" -" Display the properties of a named HBAC rule:\n" -" ipa hbacrule-show test1\n" -"\n" -" Create a rule for a specific service. This lets the user john access\n" -" the sshd service on any machine from any machine:\n" -" ipa hbacrule-add --type=allow --hostcat=all --srchostcat=all john_sshd\n" -" ipa hbacrule-add-user --users=john john_sshd\n" -" ipa hbacrule-add-service --hbacsvcs=sshd john_sshd\n" -"\n" -" Create a rule for a new service group. This lets the user john access\n" -" the FTP service on any machine from any machine:\n" -" ipa hbacsvcgroup-add ftpers\n" -" ipa hbacsvc-add sftp\n" -" ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers\n" -" ipa hbacrule-add --type=allow --hostcat=all --srchostcat=all john_ftp\n" -" ipa hbacrule-add-user --users=john john_ftp\n" -" ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp\n" -"\n" -" Disable a named HBAC rule:\n" -" ipa hbacrule-disable test1\n" -"\n" -" Remove a named HBAC rule:\n" -" ipa hbacrule-del allow_server\n" +#: ipalib/plugins/dns.py:240 +msgid "flag must be one of \"S\", \"A\", \"U\", or \"P\"" msgstr "" -#: ipalib/plugins/hbacrule.py:91 +#: ipalib/plugins/dns.py:249 msgid "" -"\n" -" See if options[attribute] is lower-case 'all' in a safe way.\n" -" " +"format must be specified as \"subtype hostname\" (see RFC 1183 for details)" msgstr "" -#: ipalib/plugins/hbacrule.py:103 -msgid "" -"\n" -" HBAC object.\n" -" " +#: ipalib/plugins/dns.py:254 +msgid "the value of subtype must be integer" msgstr "" -#: ipalib/plugins/hbacrule.py:126 -msgid "HBAC Rule" +#: ipalib/plugins/dns.py:257 +msgid "the value of subtype must be between 0 and 65535" msgstr "" -#: ipalib/plugins/hbacrule.py:131 ipalib/plugins/sudorule.py:73 -msgid "Rule name" +#: ipalib/plugins/dns.py:266 +msgid "" +"format must be specified as \"type key_tag algorithm certificate_or_crl" +"\" (see RFC 4398 for details)" msgstr "" -#: ipalib/plugins/hbacrule.py:136 -msgid "Rule type (allow or deny)" +#: ipalib/plugins/dns.py:274 ipalib/plugins/dns.py:317 +msgid "key_tag, algorithm and digest_type must be integers" msgstr "" -#: ipalib/plugins/hbacrule.py:137 -msgid "Rule type" +#: ipalib/plugins/dns.py:277 +msgid "the value of type and key_tag must be between 0 and 65535" msgstr "" -#: ipalib/plugins/hbacrule.py:143 ipalib/plugins/netgroup.py:124 -#: ipalib/plugins/sudorule.py:86 -msgid "User category" +#: ipalib/plugins/dns.py:280 ipalib/plugins/dns.py:349 +msgid "the value of algorithm must be between 0 and 255" msgstr "" -#: ipalib/plugins/hbacrule.py:144 ipalib/plugins/netgroup.py:125 -#: ipalib/plugins/sudorule.py:87 -msgid "User category the rule applies to" +#: ipalib/plugins/dns.py:289 ipalib/plugins/dns.py:457 +#, python-format +msgid "" +"format must be specified as \"domain_name\" (see RFC 1035 for details): %s" msgstr "" -#: ipalib/plugins/hbacrule.py:149 ipalib/plugins/netgroup.py:130 -#: ipalib/plugins/sudorule.py:92 -msgid "Host category" +#: ipalib/plugins/dns.py:299 +#, python-format +msgid "format must be specified as \"target\" (see RFC 2672 for details): %s" msgstr "" -#: ipalib/plugins/hbacrule.py:150 ipalib/plugins/netgroup.py:131 -#: ipalib/plugins/sudorule.py:93 -msgid "Host category the rule applies to" +#: ipalib/plugins/dns.py:309 +msgid "" +"format must be specified as \"key_tag algorithm digest_type digest\" (see " +"RFC 4034 for details)" msgstr "" -#: ipalib/plugins/hbacrule.py:155 -msgid "Source host category" +#: ipalib/plugins/dns.py:320 ipalib/plugins/dns.py:343 +msgid "the value of flags must be between 0 and 65535" msgstr "" -#: ipalib/plugins/hbacrule.py:156 -msgid "Source host category the rule applies to" +#: ipalib/plugins/dns.py:323 +msgid "the value of algorithm and digest_type must be between 0 and 255" msgstr "" -#: ipalib/plugins/hbacrule.py:161 -msgid "Service category" +#: ipalib/plugins/dns.py:332 +msgid "" +"format must be specified as \"flags protocol algorithm public_key\" (see RFC " +"2535 for details)" msgstr "" -#: ipalib/plugins/hbacrule.py:162 -msgid "Service category the rule applies to" +#: ipalib/plugins/dns.py:340 +msgid "flags, protocol and algorithm must be integers" msgstr "" -#: ipalib/plugins/hbacrule.py:174 ipalib/plugins/sudorule.py:81 -msgid "Enabled" +#: ipalib/plugins/dns.py:346 +msgid "the value of protocol must be between 0 and 255" msgstr "" -#: ipalib/plugins/hbacrule.py:178 ipalib/plugins/sudorule.py:115 -#: ipalib/plugins/user.py:108 -msgid "Users" +#: ipalib/plugins/dns.py:367 +msgid "" +"format must be specified as\n" +" \"d1 [m1 [s1]] {\"N\"|\"S\"} d2 [m2 [s2]] {\"E\"|\"W\"} alt[\"m\"] [siz" +"[\"m\"] [hp[\"m\"] [vp[\"m\"]]]]\"\n" +" where:\n" +" d1: [0 .. 90] (degrees latitude)\n" +" d2: [0 .. 180] (degrees longitude)\n" +" m1, m2: [0 .. 59] (minutes latitude/longitude)\n" +" s1, s2: [0 .. 59.999] (seconds latitude/longitude)\n" +" alt: [-100000.00 .. 42849672.95] BY .01 (altitude in meters)\n" +" siz, hp, vp: [0 .. 90000000.00] (size/precision in meters)\n" +" See RFC 1876 for details" msgstr "" -#: ipalib/plugins/hbacrule.py:182 ipalib/plugins/internal.py:272 -#: ipalib/plugins/sudorule.py:119 -msgid "Groups" +#: ipalib/plugins/dns.py:384 +#, python-format +msgid "%s must be integer" msgstr "" -#: ipalib/plugins/hbacrule.py:186 ipalib/plugins/host.py:226 -#: ipalib/plugins/sudorule.py:123 -msgid "Hosts" +#: ipalib/plugins/dns.py:391 +#, python-format +msgid "%s must be float" msgstr "" -#: ipalib/plugins/hbacrule.py:190 ipalib/plugins/hostgroup.py:73 -#: ipalib/plugins/sudorule.py:127 -msgid "Host Groups" +#: ipalib/plugins/dns.py:394 +msgid "d1 and d2 must be between 0 and 90" msgstr "" -#: ipalib/plugins/hbacrule.py:194 -msgid "Source hosts" +#: ipalib/plugins/dns.py:398 +msgid "m1, m2, s1 and s2 must be between 0 and 59.999" msgstr "" -#: ipalib/plugins/hbacrule.py:198 -msgid "Source host groups" +#: ipalib/plugins/dns.py:401 +msgid "alt must be between -100000.00 and 42849672.95" msgstr "" -#: ipalib/plugins/hbacrule.py:202 ipalib/plugins/internal.py:196 -#: ipalib/plugins/service.py:220 -msgid "Services" +#: ipalib/plugins/dns.py:405 +msgid "siz, hp and vp must be between 0 and 90000000.00" msgstr "" -#: ipalib/plugins/hbacrule.py:206 -msgid "Service Groups" +#: ipalib/plugins/dns.py:414 +msgid "format must be specified as \"domain_name\" (see RFC 1035 for details)" msgstr "" -#: ipalib/plugins/hbacrule.py:215 +#: ipalib/plugins/dns.py:423 msgid "" -"\n" -" Create a new HBAC rule.\n" -" " +"format must be specified as \"next_domain_name type1 [type2 [type3 " +"[...]]]\" (see RFC 4034 for details)" msgstr "" -#: ipalib/plugins/hbacrule.py:219 -msgid "Added HBAC rule \"%(value)s\"" +#: ipalib/plugins/dns.py:430 +msgid "type must be one of " msgstr "" -#: ipalib/plugins/hbacrule.py:230 +#: ipalib/plugins/dns.py:439 msgid "" -"\n" -" Delete an HBAC rule.\n" -" " -msgstr "" - -#: ipalib/plugins/hbacrule.py:234 -msgid "Deleted HBAC rule \"%(value)s\"" +"format must be specified as \"preference exchanger\" (see RFC 2230 for " +"details)" msgstr "" -#: ipalib/plugins/hbacrule.py:240 -msgid "" -"\n" -" Modify an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:445 +msgid "the value of preference must be integer" msgstr "" -#: ipalib/plugins/hbacrule.py:244 -msgid "Modified HBAC rule \"%(value)s\"" +#: ipalib/plugins/dns.py:448 +msgid "the value of preference must be between 0 and 65535" msgstr "" -#: ipalib/plugins/hbacrule.py:266 +#: ipalib/plugins/dns.py:468 msgid "" -"\n" -" Search for HBAC rules.\n" -" " +"format must be specified as \"type_covered algorithm labels original_ttl " +"signature_expiration signature_inception key_tag signers_name signature" +"\" (see RFC 2535, 4034 for details)" msgstr "" -#: ipalib/plugins/hbacrule.py:270 -msgid "%(count)d HBAC rule matched" -msgid_plural "%(count)d HBAC rules matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/dns.py:474 +msgid "type_covered must be one of " +msgstr "" -#: ipalib/plugins/hbacrule.py:278 -msgid "" -"\n" -" Display the properties of an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:482 +msgid "algorithm, labels, original_ttl and key_tag must be integers" msgstr "" -#: ipalib/plugins/hbacrule.py:286 +#: ipalib/plugins/dns.py:489 msgid "" -"\n" -" Enable an HBAC rule.\n" -" " +"signature_expiration and signature_inception must follow time format " +"\"YYYYMMDDHHMMSS\"" msgstr "" -#: ipalib/plugins/hbacrule.py:290 -msgid "Enabled HBAC rule \"%(value)s\"" +#: ipalib/plugins/dns.py:493 +msgid "the value of algorithm and labels must be between 0 and 255" msgstr "" -#: ipalib/plugins/hbacrule.py:315 -msgid "" -"\n" -" Disable an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:496 +msgid "the value of original_ttl must be between 0 and 4294967295" msgstr "" -#: ipalib/plugins/hbacrule.py:319 -msgid "Disabled HBAC rule \"%(value)s\"" +#: ipalib/plugins/dns.py:499 +msgid "the value of tag must be between 0 and 65535" msgstr "" -#: ipalib/plugins/hbacrule.py:344 +#: ipalib/plugins/dns.py:508 msgid "" -"\n" -" Add an access time to an HBAC rule.\n" -" " +"format must be specified as \"algorithm fp_type fingerprint\" (see RFC 4255 " +"for details)" msgstr "" -#: ipalib/plugins/hbacrule.py:351 ipalib/plugins/hbacrule.py:391 -msgid "Access time" +#: ipalib/plugins/dns.py:515 +msgid "algorithm and fp_type must be integers" msgstr "" -#: ipalib/plugins/hbacrule.py:385 -msgid "" -"\n" -" Remove access time to HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:518 +msgid "the value of algorithm and fp_type must be between 0 and 255" msgstr "" -#: ipalib/plugins/hbacrule.py:425 -msgid "" -"\n" -" Add users and groups to an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:527 +msgid "This DNS RR type is not supported by bind-dyndb-ldap plugin" msgstr "" -#: ipalib/plugins/hbacrule.py:442 -msgid "" -"\n" -" Remove users and groups from an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:611 +#, python-format +msgid "Nameserver '%(host)s' does not have a corresponding A/AAAA record" msgstr "" -#: ipalib/plugins/hbacrule.py:452 -msgid "" -"\n" -" Add target hosts and hostgroups to an HBAC rule\n" -" " +#: ipalib/plugins/dns.py:638 +msgid "DNS zone" msgstr "" -#: ipalib/plugins/hbacrule.py:469 -msgid "" -"\n" -" Remove target hosts and hostgroups from an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:639 +msgid "DNS zones" msgstr "" -#: ipalib/plugins/hbacrule.py:479 -msgid "" -"\n" -" Add source hosts and hostgroups from a HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:646 +msgid "DNS Zones" msgstr "" -#: ipalib/plugins/hbacrule.py:496 -msgid "" -"\n" -" Remove source hosts and hostgroups from an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:647 +msgid "DNS Zone" msgstr "" -#: ipalib/plugins/hbacrule.py:506 -msgid "" -"\n" -" Add services to an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:652 +msgid "Zone name" msgstr "" -#: ipalib/plugins/hbacrule.py:523 -msgid "" -"\n" -" Remove service and service groups from an HBAC rule.\n" -" " +#: ipalib/plugins/dns.py:653 +msgid "Zone name (FQDN)" msgstr "" -#: ipalib/plugins/hbacsvc.py:19 -msgid "" -"\n" -"HBAC Services\n" -"\n" -"The PAM services that HBAC can control access to. The name used here\n" -"must match the service name that PAM is evaluating.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new HBAC service:\n" -" ipa hbacsvc-add tftp\n" -"\n" -" Modify an existing HBAC service:\n" -" ipa hbacsvc-mod --desc=\"TFTP service\" tftp\n" -"\n" -" Search for HBAC services. This example will return two results, the FTP\n" -" service and the newly-added tftp service:\n" -" ipa hbacsvc-find ftp\n" -"\n" -" Delete an HBAC service:\n" -" ipa hbacsvc-del tftp\n" -"\n" +#: ipalib/plugins/dns.py:659 +msgid "Reverse zone IP network" msgstr "" -#: ipalib/plugins/hbacsvc.py:51 -msgid "" -"\n" -" HBAC Service object.\n" -" " +#: ipalib/plugins/dns.py:660 +msgid "IP network to create reverse zone name from" msgstr "" -#: ipalib/plugins/hbacsvc.py:61 -msgid "HBAC Services" +#: ipalib/plugins/dns.py:665 +msgid "Authoritative nameserver" msgstr "" -#: ipalib/plugins/hbacsvc.py:66 -msgid "Service name" +#: ipalib/plugins/dns.py:666 +msgid "Authoritative nameserver domain name" msgstr "" -#: ipalib/plugins/hbacsvc.py:67 -msgid "HBAC service" +#: ipalib/plugins/dns.py:671 ipalib/plugins/dns.py:672 +msgid "Administrator e-mail address" msgstr "" -#: ipalib/plugins/hbacsvc.py:74 -msgid "HBAC service description" +#: ipalib/plugins/dns.py:678 +msgid "SOA serial" msgstr "" -#: ipalib/plugins/hbacsvc.py:82 -msgid "" -"\n" -" Add a new HBAC service.\n" -" " +#: ipalib/plugins/dns.py:679 +msgid "SOA record serial number" msgstr "" -#: ipalib/plugins/hbacsvc.py:85 -msgid "Added HBAC service \"%(value)s\"" +#: ipalib/plugins/dns.py:686 +msgid "SOA refresh" msgstr "" -#: ipalib/plugins/hbacsvc.py:91 -msgid "" -"\n" -" Delete an existing HBAC service.\n" -" " +#: ipalib/plugins/dns.py:687 +msgid "SOA record refresh time" msgstr "" -#: ipalib/plugins/hbacsvc.py:94 -msgid "Deleted HBAC service \"%(value)s\"" +#: ipalib/plugins/dns.py:694 +msgid "SOA retry" msgstr "" -#: ipalib/plugins/hbacsvc.py:100 -msgid "" -"\n" -" Modify an HBAC service.\n" -" " +#: ipalib/plugins/dns.py:695 +msgid "SOA record retry time" msgstr "" -#: ipalib/plugins/hbacsvc.py:104 -msgid "Modified HBAC service \"%(value)s\"" +#: ipalib/plugins/dns.py:702 +msgid "SOA expire" msgstr "" -#: ipalib/plugins/hbacsvc.py:110 -msgid "" -"\n" -" Search for HBAC services.\n" -" " +#: ipalib/plugins/dns.py:703 +msgid "SOA record expire time" msgstr "" -#: ipalib/plugins/hbacsvc.py:114 -msgid "%(count)d HBAC service matched" -msgid_plural "%(count)d HBAC services matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/dns.py:710 +msgid "SOA minimum" +msgstr "" -#: ipalib/plugins/hbacsvc.py:122 -msgid "" -"\n" -" Display information about an HBAC service.\n" -" " +#: ipalib/plugins/dns.py:711 +msgid "How long should negative responses be cached" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:19 -msgid "" -"\n" -"HBAC Service Groups\n" -"\n" -"HBAC service groups can contain any number of individual services,\n" -"or \"members\". Every group must have a description.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new HBAC service group:\n" -" ipa hbacsvcgroup-add --desc=\"login services\" login\n" -"\n" -" Add members to an HBAC service group:\n" -" ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login\n" -"\n" -" Display information about a named group:\n" -" ipa hbacsvcgroup-show login\n" -"\n" -" Add a new group to the \"login\" group:\n" -" ipa hbacsvcgroup-add --desc=\"switch users\" login\n" -" ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login\n" -"\n" -" Delete an HBAC service group:\n" -" ipa hbacsvcgroup-del login\n" +#: ipalib/plugins/dns.py:719 +msgid "SOA time to live" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:51 -msgid "" -"\n" -" HBAC service group object.\n" -" " +#: ipalib/plugins/dns.py:720 +msgid "SOA record time to live" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:64 -msgid "HBAC service Groups" +#: ipalib/plugins/dns.py:724 +msgid "SOA class" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:69 -msgid "Service group name" +#: ipalib/plugins/dns.py:725 +msgid "SOA record class" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:76 -msgid "HBAC service group description" +#: ipalib/plugins/dns.py:730 ipalib/plugins/dns.py:731 +msgid "BIND update policy" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:84 -msgid "" -"\n" -" Add a new HBAC service group.\n" -" " -msgstr "" - -#: ipalib/plugins/hbacsvcgroup.py:87 -msgid "Added HBAC service group \"%(value)s\"" -msgstr "" - -#: ipalib/plugins/hbacsvcgroup.py:93 -msgid "" -"\n" -" Delete an HBAC service group.\n" -" " -msgstr "" - -#: ipalib/plugins/hbacsvcgroup.py:96 -msgid "Deleted HBAC service group \"%(value)s\"" -msgstr "" - -#: ipalib/plugins/hbacsvcgroup.py:102 -msgid "" -"\n" -" Modify an HBAC service group.\n" -" " -msgstr "" - -#: ipalib/plugins/hbacsvcgroup.py:105 -msgid "Modified HBAC service group \"%(value)s\"" +#: ipalib/plugins/dns.py:735 +msgid "Active zone" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:111 -msgid "" -"\n" -" Search for an HBAC service group.\n" -" " +#: ipalib/plugins/dns.py:736 +msgid "Is zone active?" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:114 -msgid "%(count)d HBAC service group matched" -msgid_plural "%(count)d HBAC service groups matched" -msgstr[0] "" -msgstr[1] "" - -#: ipalib/plugins/hbacsvcgroup.py:122 -msgid "" -"\n" -" Display information about an HBAC service group.\n" -" " +#: ipalib/plugins/dns.py:742 +msgid "Dynamic update" msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:130 -msgid "" -"\n" -" Add members to an HBAC service group.\n" -" " +#: ipalib/plugins/dns.py:743 +msgid "Allow dynamic updates." msgstr "" -#: ipalib/plugins/hbacsvcgroup.py:138 -msgid "" -"\n" -" Remove members from an HBAC service group.\n" -" " +#: ipalib/plugins/dns.py:754 +msgid "Create new DNS zone (SOA record)." msgstr "" -#: ipalib/plugins/host.py:20 -msgid "" -"\n" -"Hosts/Machines\n" -"\n" -"A host represents a machine. It can be used in a number of contexts:\n" -"- service entries are associated with a host\n" -"- a host stores the host/ service principal\n" -"- a host can be used in Host-based Access Control (HBAC) rules\n" -"- every enrolled client generates a host entry\n" -"\n" -"ENROLLMENT:\n" -"\n" -"There are three enrollment scenarios when enrolling a new client:\n" -"\n" -"1. You are enrolling as a full administrator. The host entry may exist\n" -" or not. A full administrator is a member of the hostadmin role\n" -" or the admins group.\n" -"2. You are enrolling as a limited administrator. The host must already\n" -" exist. A limited administrator is a member a role with the\n" -" Host Enrollment privilege.\n" -"3. The host has been created with a one-time password.\n" -"\n" -"A host can only be enrolled once. If a client has enrolled and needs to\n" -"be re-enrolled, the host entry must be removed and re-created. Note that\n" -"re-creating the host entry will result in all services for the host being\n" -"removed, and all SSL certificates associated with those services being\n" -"revoked.\n" -"\n" -"A host can optionally store information such as where it is located,\n" -"the OS that it runs, etc.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new host:\n" -" ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example." -"com\n" -"\n" -" Delete a host:\n" -" ipa host-del test.example.com\n" -"\n" -" Add a new host with a one-time password:\n" -" ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n" -"\n" -" Add a new host with a random one-time password:\n" -" ipa host-add --os='Fedora 12' --random test.example.com\n" -"\n" -" Modify information about a host:\n" -" ipa host-mod --os='Fedora 12' test.example.com\n" -"\n" -" Disable the host Kerberos key, SSL certificate and all of its services:\n" -" ipa host-disable test.example.com\n" -"\n" -" Add a host that can manage this host's keytab and certificate:\n" -" ipa host-add-managedby --hosts=test2 test\n" +#: ipalib/plugins/dns.py:758 ipalib/plugins/dns.py:1155 +#: ipalib/plugins/host.py:373 ipalib/plugins/service.py:252 +msgid "Force" msgstr "" -#: ipalib/plugins/host.py:97 -msgid "" -"\n" -" Require at least one dot in the hostname (to support localhost." -"localdomain)\n" -" " +#: ipalib/plugins/dns.py:759 +msgid "Force DNS zone creation even if nameserver not in DNS." msgstr "" -#: ipalib/plugins/host.py:101 -msgid "Fully-qualified hostname required" +#: ipalib/plugins/dns.py:762 +msgid "Add the nameserver to DNS with this IP address" msgstr "" -#: ipalib/plugins/host.py:129 -msgid "DNS reverse zone for IP address %(addr)s not found" +#: ipalib/plugins/dns.py:775 +msgid "DNS is not configured" msgstr "" -#: ipalib/plugins/host.py:153 ipalib/plugins/service.py:87 -msgid "Keytab" +#: ipalib/plugins/dns.py:785 +msgid "Nameserver address is not a fully qualified domain name" msgstr "" -#: ipalib/plugins/host.py:185 -msgid "" -"\n" -" Verify that we have either an IPv4 or IPv6 address.\n" -" " +#: ipalib/plugins/dns.py:811 +msgid "Delete DNS zone (SOA record)." msgstr "" -#: ipalib/plugins/host.py:189 -msgid "invalid IP address" +#: ipalib/plugins/dns.py:817 +msgid "Modify DNS zone (SOA record)." msgstr "" -#: ipalib/plugins/host.py:194 -msgid "" -"\n" -" Host object.\n" -" " +#: ipalib/plugins/dns.py:830 +msgid "Search for DNS zones (SOA records)." msgstr "" -#: ipalib/plugins/host.py:231 -msgid "Host name" +#: ipalib/plugins/dns.py:848 +msgid "Forward zones only" msgstr "" -#: ipalib/plugins/host.py:238 -msgid "A description of this host" +#: ipalib/plugins/dns.py:850 +msgid "Search for forward zones only" msgstr "" -#: ipalib/plugins/host.py:242 -msgid "Locality" +#: ipalib/plugins/dns.py:869 +msgid "Display information about a DNS zone (SOA record)." msgstr "" -#: ipalib/plugins/host.py:243 -msgid "Host locality (e.g. \"Baltimore, MD\")" +#: ipalib/plugins/dns.py:875 +msgid "Disable DNS Zone." msgstr "" -#: ipalib/plugins/host.py:248 -msgid "Host location (e.g. \"Lab 2\")" +#: ipalib/plugins/dns.py:878 +#, python-format +msgid "Disabled DNS zone \"%(value)s\"" msgstr "" -#: ipalib/plugins/host.py:252 -msgid "Platform" +#: ipalib/plugins/dns.py:896 +msgid "Enable DNS Zone." msgstr "" -#: ipalib/plugins/host.py:253 -msgid "Host hardware platform (e.g. \"Lenovo T61\")" +#: ipalib/plugins/dns.py:899 +#, python-format +msgid "Enabled DNS zone \"%(value)s\"" msgstr "" -#: ipalib/plugins/host.py:257 -msgid "Operating system" +#: ipalib/plugins/dns.py:922 +msgid "DNS resource record" msgstr "" -#: ipalib/plugins/host.py:258 -msgid "Host operating system and version (e.g. \"Fedora 9\")" +#: ipalib/plugins/dns.py:923 +msgid "DNS resource records" msgstr "" -#: ipalib/plugins/host.py:262 -msgid "User password" +#: ipalib/plugins/dns.py:927 +msgid "DNS Resource Records" msgstr "" -#: ipalib/plugins/host.py:263 -msgid "Password used in bulk enrollment" +#: ipalib/plugins/dns.py:928 +msgid "DNS Resource Record" msgstr "" -#: ipalib/plugins/host.py:266 -msgid "Generate a random password to be used in bulk enrollment" +#: ipalib/plugins/dns.py:933 ipalib/plugins/dns.py:934 +msgid "Record name" msgstr "" -#: ipalib/plugins/host.py:271 -msgid "Random password" +#: ipalib/plugins/dns.py:939 ipalib/plugins/dns.py:940 +msgid "Time to live" msgstr "" -#: ipalib/plugins/host.py:277 ipalib/plugins/service.py:233 -msgid "Base-64 encoded server certificate" +#: ipalib/plugins/dns.py:944 +msgid "Class" msgstr "" -#: ipalib/plugins/host.py:280 ipalib/plugins/host.py:548 -msgid "Principal name" +#: ipalib/plugins/dns.py:945 +msgid "DNS class" msgstr "" -#: ipalib/plugins/host.py:306 +#: ipalib/plugins/dns.py:972 +#, python-format msgid "" -"\n" -" Add a new host.\n" -" " +"Reverse zone for PTR record should be a sub-zone of one the following fully " +"qualified domains: %s" msgstr "" -#: ipalib/plugins/host.py:311 -msgid "Added host \"%(value)s\"" +#: ipalib/plugins/dns.py:977 +#, python-format +msgid "Reverse zone %s requires exactly %d IP address components, %d given" msgstr "" -#: ipalib/plugins/host.py:316 -msgid "force host name even if not in DNS" +#: ipalib/plugins/dns.py:1149 +msgid "Add new DNS resource record." msgstr "" -#: ipalib/plugins/host.py:319 -msgid "skip reverse DNS detection" +#: ipalib/plugins/dns.py:1157 +msgid "force NS record creation even if its hostname is not in DNS" msgstr "" -#: ipalib/plugins/host.py:322 -msgid "Add the host to DNS with this IP address" +#: ipalib/plugins/dns.py:1210 +msgid "Modify a DNS resource record." msgstr "" -#: ipalib/plugins/host.py:338 ipalib/plugins/host.py:477 -msgid "DNS zone %(zone)s not found" +#: ipalib/plugins/dns.py:1250 +#, python-format +msgid "Deleted record \"%(value)s\"" msgstr "" -#: ipalib/plugins/host.py:413 -msgid "The host was added but the DNS update failed with: %(exc)s" +#: ipalib/plugins/dns.py:1257 +msgid "Delete DNS resource record." msgstr "" -#: ipalib/plugins/host.py:422 +#: ipalib/plugins/dns.py:1259 msgid "" -"\n" -" Delete a host.\n" -" " +"Neither --del-all nor options to delete a specific record provided.\n" +"Command help may be consulted for all supported record types." msgstr "" -#: ipalib/plugins/host.py:426 -msgid "Deleted host \"%(value)s\"" +#: ipalib/plugins/dns.py:1264 +msgid "Delete all associated records" msgstr "" -#: ipalib/plugins/host.py:431 -msgid "Remove entries from DNS" +#: ipalib/plugins/dns.py:1291 +msgid "No option to delete specific record provided." msgstr "" -#: ipalib/plugins/host.py:537 -msgid "" -"\n" -" Modify information about a host.\n" -" " +#: ipalib/plugins/dns.py:1292 +msgid "Delete all?" msgstr "" -#: ipalib/plugins/host.py:542 -msgid "Modified host \"%(value)s\"" +#: ipalib/plugins/dns.py:1302 +msgid "Current DNS record contents:\n" msgstr "" -#: ipalib/plugins/host.py:549 -msgid "Kerberos principal name for this host" +#: ipalib/plugins/dns.py:1316 +#, python-format +msgid "Delete %s '%s'?" msgstr "" -#: ipalib/plugins/host.py:618 -msgid "" -"\n" -" Search for hosts.\n" -" " +#: ipalib/plugins/dns.py:1331 +#, python-format +msgid "%s record with value %s not found" msgstr "" -#: ipalib/plugins/host.py:623 -msgid "%(count)d host matched" -msgid_plural "%(count)d hosts matched" -msgstr[0] "" -msgstr[1] "" - -#: ipalib/plugins/host.py:643 -msgid "" -"\n" -" Display information about a host.\n" -" " +#: ipalib/plugins/dns.py:1345 +msgid "Display DNS resource." msgstr "" -#: ipalib/plugins/host.py:649 ipalib/plugins/service.py:400 -msgid "file to store certificate in" +#: ipalib/plugins/dns.py:1360 +msgid "Search for DNS resources." msgstr "" -#: ipalib/plugins/host.py:673 ipalib/plugins/service.py:422 -msgid "Certificate stored in file '%(file)s'" +#: ipalib/plugins/dns.py:1386 +msgid "Resolve a host name in DNS." msgstr "" -#: ipalib/plugins/host.py:684 -msgid "" -"\n" -" Disable the Kerberos key, SSL certificate and all services of a host.\n" -" " +#: ipalib/plugins/dns.py:1389 +#, python-format +msgid "Found '%(value)s'" msgstr "" -#: ipalib/plugins/host.py:688 -msgid "Disabled host \"%(value)s\"" +#: ipalib/plugins/dns.py:1393 +msgid "Hostname" msgstr "" -#: ipalib/plugins/host.py:770 -msgid "" -"\n" -" Add hosts that can manage this host.\n" -" " +#: ipalib/plugins/dns.py:1415 +#, python-format +msgid "Host '%(host)s' not found" msgstr "" -#: ipalib/plugins/host.py:781 +#: ipalib/plugins/entitle.py:52 msgid "" "\n" -" Remove hosts that can manage this host.\n" -" " -msgstr "" - -#: ipalib/plugins/hostgroup.py:20 -msgid "" +"Entitlements\n" "\n" -"Groups of hosts.\n" +"Manage entitlements for client machines\n" "\n" -"Manage groups of hosts. This is useful for applying access control to a\n" -"number of hosts by using Host-based Access Control.\n" +"Entitlements can be managed either by registering with an entitlement\n" +"server with a username and password or by manually importing entitlement\n" +"certificates. An entitlement certificate contains embedded information\n" +"such as the product being entitled, the quantity and the validity dates.\n" "\n" -"EXAMPLES:\n" +"An entitlement server manages the number of client entitlements available.\n" +"To mark these entitlements as used by the IPA server you provide a quantity\n" +"and they are marked as consumed on the entitlement server.\n" "\n" -" Add a new host group:\n" -" ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n" +" Register with an entitlement server:\n" +" ipa entitle-register consumer\n" "\n" -" Add another new host group:\n" -" ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n" +" Import an entitlement certificate:\n" +" ipa entitle-import /home/user/ipaclient.pem\n" "\n" -" Add members to the hostgroup:\n" -" ipa hostgroup-add-member --hosts=box1,box2,box3 baltimore\n" +" Display current entitlements:\n" +" ipa entitle-status\n" "\n" -" Add a hostgroup as a member of another hostgroup:\n" -" ipa hostgroup-add-member --hostgroups=baltimore maryland\n" +" Retrieve details on entitlement certificates:\n" +" ipa entitle-get\n" "\n" -" Remove a host from the hostgroup:\n" -" ipa hostgroup-remove-member --hosts=box2 baltimore\n" +" Consume some entitlements from the entitlement server:\n" +" ipa entitle-consume 50\n" "\n" -" Display a host group:\n" -" ipa hostgroup-show baltimore\n" +"The registration ID is a Unique Identifier (UUID). This ID will be\n" +"IMPORTED if you have used entitle-import.\n" "\n" -" Delete a hostgroup:\n" -" ipa hostgroup-del baltimore\n" +"Changes to /etc/rhsm/rhsm.conf require a restart of the httpd service.\n" msgstr "" -#: ipalib/plugins/hostgroup.py:55 -msgid "" -"\n" -" Hostgroup object.\n" -" " +#: ipalib/plugins/entitle.py:183 +msgid "entitlement" msgstr "" -#: ipalib/plugins/hostgroup.py:78 -msgid "Host-group" +#: ipalib/plugins/entitle.py:184 +msgid "entitlements" msgstr "" -#: ipalib/plugins/hostgroup.py:79 -msgid "Name of host-group" +#: ipalib/plugins/entitle.py:190 +msgid "Entitlements" msgstr "" -#: ipalib/plugins/hostgroup.py:86 -msgid "A description of this host-group" +#: ipalib/plugins/entitle.py:191 +msgid "Entitlement" msgstr "" -#: ipalib/plugins/hostgroup.py:94 -msgid "" -"\n" -" Add a new hostgroup.\n" -" " +#: ipalib/plugins/entitle.py:208 +msgid "Display current entitlements." msgstr "" -#: ipalib/plugins/hostgroup.py:98 -msgid "Added hostgroup \"%(value)s\"" +#: ipalib/plugins/entitle.py:214 ipalib/plugins/entitle.py:597 +msgid "UUID" msgstr "" -#: ipalib/plugins/hostgroup.py:104 -msgid "" -"\n" -" Delete a hostgroup.\n" -" " +#: ipalib/plugins/entitle.py:217 ipalib/plugins/entitle.py:304 +#: ipalib/plugins/entitle.py:384 ipalib/plugins/entitle.py:570 +#: ipalib/plugins/entitle.py:683 ipalib/plugins/internal.py:331 +msgid "Product" msgstr "" -#: ipalib/plugins/hostgroup.py:108 -msgid "Deleted hostgroup \"%(value)s\"" +#: ipalib/plugins/entitle.py:220 ipalib/plugins/entitle.py:284 +#: ipalib/plugins/entitle.py:294 ipalib/plugins/entitle.py:387 +#: ipalib/plugins/entitle.py:573 ipalib/plugins/entitle.py:673 +msgid "Quantity" msgstr "" -#: ipalib/plugins/hostgroup.py:114 -msgid "" -"\n" -" Modify a hostgroup.\n" -" " +#: ipalib/plugins/entitle.py:223 ipalib/plugins/entitle.py:307 +#: ipalib/plugins/entitle.py:576 ipalib/plugins/entitle.py:686 +#: ipalib/plugins/internal.py:322 +msgid "Consumed" msgstr "" -#: ipalib/plugins/hostgroup.py:118 -msgid "Modified hostgroup \"%(value)s\"" +#: ipalib/plugins/entitle.py:276 +msgid "Consume an entitlement." msgstr "" -#: ipalib/plugins/hostgroup.py:124 -msgid "" -"\n" -" Search for hostgroups.\n" -" " +#: ipalib/plugins/entitle.py:280 +#, python-format +msgid "Consumed %(value)s entitlement(s)." msgstr "" -#: ipalib/plugins/hostgroup.py:128 -msgid "%(count)d hostgroup matched" -msgid_plural "%(count)d hostgroups matched" -msgstr[0] "" -msgstr[1] "" - -#: ipalib/plugins/hostgroup.py:136 -msgid "" -"\n" -" Display information about a hostgroup.\n" -" " +#: ipalib/plugins/entitle.py:378 +msgid "Retrieve the entitlement certs." msgstr "" -#: ipalib/plugins/hostgroup.py:144 -msgid "" -"\n" -" Add members to a hostgroup.\n" -" " +#: ipalib/plugins/entitle.py:390 ipalib/plugins/internal.py:334 +msgid "Start" msgstr "" -#: ipalib/plugins/hostgroup.py:152 -msgid "" -"\n" -" Remove members from a hostgroup.\n" -" " +#: ipalib/plugins/entitle.py:393 ipalib/plugins/internal.py:325 +msgid "End" msgstr "" -#: ipalib/plugins/internal.py:22 -msgid "" -"\n" -"Plugins not accessible directly through the CLI, commands used internally\n" +#: ipalib/plugins/entitle.py:396 ipalib/plugins/host.py:178 +#: ipalib/plugins/internal.py:289 ipalib/plugins/service.py:97 +msgid "Serial Number" msgstr "" -#: ipalib/plugins/internal.py:36 -msgid "" -"\n" -" Export plugin meta-data for the webUI.\n" -" " +#: ipalib/plugins/entitle.py:431 ipalib/plugins/entitle.py:621 +#: ipalib/plugins/entitle.py:623 +msgid "Not an entitlement certificate" msgstr "" -#: ipalib/plugins/internal.py:44 -msgid "Name of object to export" +#: ipalib/plugins/entitle.py:456 +msgid "Search for entitlement accounts." msgstr "" -#: ipalib/plugins/internal.py:47 -msgid "Name of method to export" +#: ipalib/plugins/entitle.py:468 +msgid "Register to the entitlement system." msgstr "" -#: ipalib/plugins/internal.py:52 -msgid "Dict of JSON encoded IPA Objects" +#: ipalib/plugins/entitle.py:472 +msgid "Registered to entitlement server." msgstr "" -#: ipalib/plugins/internal.py:53 -msgid "Dict of JSON encoded IPA Methods" +#: ipalib/plugins/entitle.py:476 +msgid "Username" msgstr "" -#: ipalib/plugins/internal.py:96 -msgid "Logged In As" +#: ipalib/plugins/entitle.py:483 +msgid "Enrollment UUID (not implemented)" msgstr "" -#: ipalib/plugins/internal.py:99 -msgid "Attribute" +#: ipalib/plugins/entitle.py:488 +msgid "Registration password" msgstr "" -#: ipalib/plugins/internal.py:102 -msgid "Add Automount Location" +#: ipalib/plugins/entitle.py:566 +msgid "Import an entitlement certificate." msgstr "" -#: ipalib/plugins/internal.py:103 -msgid "Automount Location Settings" +#: ipalib/plugins/entitle.py:598 +msgid "Enrollment UUID" msgstr "" -#: ipalib/plugins/internal.py:106 -msgid "Add Automount Map" +#: ipalib/plugins/entitle.py:662 +msgid "Re-sync the local entitlement cache with the entitlement server." msgstr "" -#: ipalib/plugins/internal.py:109 -msgid "Add Automount Key" +#: ipalib/plugins/entitle.py:666 +msgid "Entitlement(s) synchronized." msgstr "" -#: ipalib/plugins/internal.py:112 -msgid "Unspecified" +#: ipalib/plugins/group.py:26 +msgid "" +"\n" +"Groups of users\n" +"\n" +"Manage groups of users. By default, new groups are POSIX groups. You\n" +"can add the --nonposix option to the group-add command to mark a new group\n" +"as non-POSIX. You can use the --posix argument with the group-mod command\n" +"to convert a non-POSIX group into a POSIX group. POSIX groups cannot be\n" +"converted to non-POSIX groups.\n" +"\n" +"Every group must have a description.\n" +"\n" +"POSIX groups must have a Group ID (GID) number. Changing a GID is\n" +"supported but can have an impact on your file permissions. It is not " +"necessary\n" +"to supply a GID when creating a group. IPA will generate one automatically\n" +"if it is not provided.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add a new group:\n" +" ipa group-add --desc='local administrators' localadmins\n" +"\n" +" Add a new non-POSIX group:\n" +" ipa group-add --nonposix --desc='remote administrators' remoteadmins\n" +"\n" +" Convert a non-POSIX group to posix:\n" +" ipa group-mod --posix remoteadmins\n" +"\n" +" Add a new POSIX group with a specific Group ID number:\n" +" ipa group-add --gid=500 --desc='unix admins' unixadmins\n" +"\n" +" Add a new POSIX group and let IPA assign a Group ID number:\n" +" ipa group-add --desc='printer admins' printeradmins\n" +"\n" +" Remove a group:\n" +" ipa group-del unixadmins\n" +"\n" +" To add the \"remoteadmins\" group to the \"localadmins\" group:\n" +" ipa group-add-member --groups=remoteadmins localadmins\n" +"\n" +" Add a list of users to the \"localadmins\" group:\n" +" ipa group-add-member --users=test1,test2 localadmins\n" +"\n" +" Remove a user from the \"localadmins\" group:\n" +" ipa group-remove-member --users=test2 localadmins\n" +"\n" +" Display information about a named group.\n" +" ipa group-show localadmins\n" msgstr "" -#: ipalib/plugins/internal.py:113 -msgid "Key Compromise" +#: ipalib/plugins/group.py:80 +msgid "group" msgstr "" -#: ipalib/plugins/internal.py:114 -msgid "CA Compromise" +#: ipalib/plugins/group.py:81 +msgid "groups" msgstr "" -#: ipalib/plugins/internal.py:115 -msgid "Affiliation Changed" +#: ipalib/plugins/group.py:100 ipalib/plugins/hbacrule.py:192 +#: ipalib/plugins/sudorule.py:144 +msgid "User Groups" msgstr "" -#: ipalib/plugins/internal.py:116 -msgid "Superseded" +#: ipalib/plugins/group.py:101 +msgid "User Group" msgstr "" -#: ipalib/plugins/internal.py:117 -msgid "Cessation of Operation" +#: ipalib/plugins/group.py:109 +msgid "Group name" msgstr "" -#: ipalib/plugins/internal.py:118 -msgid "Certificate Hold" +#: ipalib/plugins/group.py:116 ipalib/plugins/sudocmdgroup.py:79 +msgid "Group description" msgstr "" -#: ipalib/plugins/internal.py:119 -msgid "Remove from CRL" +#: ipalib/plugins/group.py:120 ipalib/plugins/user.py:250 +msgid "GID" msgstr "" -#: ipalib/plugins/internal.py:120 -msgid "Privilege Withdrawn" +#: ipalib/plugins/group.py:121 +msgid "GID (use this option to set it manually)" msgstr "" -#: ipalib/plugins/internal.py:121 -msgid "AA Compromise" +#: ipalib/plugins/group.py:129 +msgid "Create a new group." msgstr "" -#: ipalib/plugins/internal.py:122 -msgid "" -"To confirm your intention to revoke this certificate, select a reason from " -"the pull-down list, and click the \"Revoke\" button." +#: ipalib/plugins/group.py:131 +#, python-format +msgid "Added group \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:124 -msgid "Note" +#: ipalib/plugins/group.py:136 +msgid "Create as a non-POSIX group" msgstr "" -#: ipalib/plugins/internal.py:125 -msgid "Reason for Revocation" +#: ipalib/plugins/group.py:153 +msgid "Delete group." msgstr "" -#: ipalib/plugins/internal.py:126 -msgid "" -"To confirm your intention to restore this certificate, click the \"Restore\" " -"button." +#: ipalib/plugins/group.py:155 +#, python-format +msgid "Deleted group \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:128 -msgid "Issued To" +#: ipalib/plugins/group.py:183 +msgid "Modify a group." msgstr "" -#: ipalib/plugins/internal.py:129 -msgid "Common Name" +#: ipalib/plugins/group.py:185 +#, python-format +msgid "Modified group \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:130 -msgid "Organization" +#: ipalib/plugins/group.py:190 +msgid "change to a POSIX group" msgstr "" -#: ipalib/plugins/internal.py:131 -msgid "Organizational Unit" +#: ipalib/plugins/group.py:222 +msgid "Search for groups." msgstr "" -#: ipalib/plugins/internal.py:133 -msgid "Issued By" +#: ipalib/plugins/group.py:227 +#, python-format +msgid "%(count)d group matched" +msgid_plural "%(count)d groups matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/group.py:233 +msgid "search for private groups" msgstr "" -#: ipalib/plugins/internal.py:134 -msgid "Validity" +#: ipalib/plugins/group.py:263 +msgid "Display information about a named group." msgstr "" -#: ipalib/plugins/internal.py:135 -msgid "Issued On" +#: ipalib/plugins/group.py:269 +msgid "Add members to a group." msgstr "" -#: ipalib/plugins/internal.py:136 -msgid "Expires On" +#: ipalib/plugins/group.py:275 +msgid "Remove members from a group." msgstr "" -#: ipalib/plugins/internal.py:137 -msgid "Fingerprints" +#: ipalib/plugins/group.py:281 +msgid "Detach a managed group from a user." msgstr "" -#: ipalib/plugins/internal.py:138 -msgid "SHA1 Fingerprint" +#: ipalib/plugins/group.py:284 +#, python-format +msgid "Detached group \"%(value)s\" from user \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:139 -msgid "MD5 Fingerprint" +#: ipalib/plugins/group.py:305 +msgid "not allowed to modify user entries" msgstr "" -#: ipalib/plugins/internal.py:140 -msgid "Enter the Base64-encoded CSR below" +#: ipalib/plugins/group.py:311 +msgid "not allowed to modify group entries" msgstr "" -#: ipalib/plugins/internal.py:141 -msgid "Valid Certificate Present" +#: ipalib/plugins/group.py:330 +msgid "Not a managed group" msgstr "" -#: ipalib/plugins/internal.py:142 -msgid "New Certificate" +#: ipalib/plugins/hbacrule.py:25 +msgid "" +"\n" +"Host-based access control\n" +"\n" +"Control who can access what services on what hosts and from where. You\n" +"can use HBAC to control which users or groups on a source host can\n" +"access a service, or group of services, on a target host.\n" +"\n" +"You can also specify a category of users, target hosts, and source\n" +"hosts. This is currently limited to \"all\", but might be expanded in the\n" +"future.\n" +"\n" +"Target hosts and source hosts in HBAC rules must be hosts managed by IPA.\n" +"\n" +"The available services and groups of services are controlled by the\n" +"hbacsvc and hbacsvcgroup plug-ins respectively.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Create a rule, \"test1\", that grants all users access to the host \"server" +"\" from\n" +" anywhere:\n" +" ipa hbacrule-add --usercat=all --srchostcat=all test1\n" +" ipa hbacrule-add-host --hosts=server.example.com test1\n" +"\n" +" Display the properties of a named HBAC rule:\n" +" ipa hbacrule-show test1\n" +"\n" +" Create a rule for a specific service. This lets the user john access\n" +" the sshd service on any machine from any machine:\n" +" ipa hbacrule-add --hostcat=all --srchostcat=all john_sshd\n" +" ipa hbacrule-add-user --users=john john_sshd\n" +" ipa hbacrule-add-service --hbacsvcs=sshd john_sshd\n" +"\n" +" Create a rule for a new service group. This lets the user john access\n" +" the FTP service on any machine from any machine:\n" +" ipa hbacsvcgroup-add ftpers\n" +" ipa hbacsvc-add sftp\n" +" ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers\n" +" ipa hbacrule-add --hostcat=all --srchostcat=all john_ftp\n" +" ipa hbacrule-add-user --users=john john_ftp\n" +" ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp\n" +"\n" +" Disable a named HBAC rule:\n" +" ipa hbacrule-disable test1\n" +"\n" +" Remove a named HBAC rule:\n" +" ipa hbacrule-del allow_server\n" msgstr "" -#: ipalib/plugins/internal.py:143 -msgid "Certificate Revoked" +#: ipalib/plugins/hbacrule.py:89 +msgid "Host-based access control commands" msgstr "" -#: ipalib/plugins/internal.py:144 -msgid "No Valid Certificate" +#: ipalib/plugins/hbacrule.py:93 +msgid "The deny type has been deprecated." msgstr "" -#: ipalib/plugins/internal.py:145 -msgid "Certificate for ${entity} ${primary_key}" +#: ipalib/plugins/hbacrule.py:112 +msgid "HBAC rule" msgstr "" -#: ipalib/plugins/internal.py:146 -msgid "Issue New Certificate for ${entity} ${primary_key}" +#: ipalib/plugins/hbacrule.py:113 +msgid "HBAC rules" msgstr "" -#: ipalib/plugins/internal.py:147 -msgid "Revoke Certificate for ${entity} ${primary_key}" +#: ipalib/plugins/hbacrule.py:131 +msgid "HBAC Rules" msgstr "" -#: ipalib/plugins/internal.py:148 -msgid "Restore Certificate for ${entity} ${primary_key}" +#: ipalib/plugins/hbacrule.py:132 +msgid "HBAC Rule" msgstr "" -#: ipalib/plugins/internal.py:152 -msgid "Name" +#: ipalib/plugins/hbacrule.py:137 ipalib/plugins/sudorule.py:98 +msgid "Rule name" msgstr "" -#: ipalib/plugins/internal.py:155 -msgid "Add Delegation" +#: ipalib/plugins/hbacrule.py:142 +msgid "Rule type (allow)" msgstr "" -#: ipalib/plugins/internal.py:158 -msgid "Add DNS Zone" +#: ipalib/plugins/hbacrule.py:143 +msgid "Rule type" msgstr "" -#: ipalib/plugins/internal.py:159 -msgid "DNS Zone Settings" +#: ipalib/plugins/hbacrule.py:153 ipalib/plugins/netgroup.py:126 +#: ipalib/plugins/sudorule.py:111 +msgid "User category" msgstr "" -#: ipalib/plugins/internal.py:162 -msgid "Add DNS Resource Record" +#: ipalib/plugins/hbacrule.py:154 ipalib/plugins/netgroup.py:127 +#: ipalib/plugins/sudorule.py:112 +msgid "User category the rule applies to" msgstr "" -#: ipalib/plugins/internal.py:163 -msgid "Resource" +#: ipalib/plugins/hbacrule.py:159 ipalib/plugins/netgroup.py:132 +#: ipalib/plugins/sudorule.py:117 +msgid "Host category" msgstr "" -#: ipalib/plugins/internal.py:165 -msgid "Data" +#: ipalib/plugins/hbacrule.py:160 ipalib/plugins/netgroup.py:133 +#: ipalib/plugins/sudorule.py:118 +msgid "Host category the rule applies to" msgstr "" -#: ipalib/plugins/internal.py:166 -msgid "Records for DNS Zone" +#: ipalib/plugins/hbacrule.py:165 +msgid "Source host category" msgstr "" -#: ipalib/plugins/internal.py:169 -msgid "Add Group" +#: ipalib/plugins/hbacrule.py:166 +msgid "Source host category the rule applies to" msgstr "" -#: ipalib/plugins/internal.py:170 -msgid "Group Settings" +#: ipalib/plugins/hbacrule.py:171 +msgid "Service category" msgstr "" -#: ipalib/plugins/internal.py:171 ipalib/plugins/internal.py:206 -msgid "Is this a POSIX group?" +#: ipalib/plugins/hbacrule.py:172 +msgid "Service category the rule applies to" msgstr "" -#: ipalib/plugins/internal.py:174 -msgid "Add HBAC Rule" +#: ipalib/plugins/hbacrule.py:184 ipalib/plugins/sudorule.py:106 +msgid "Enabled" msgstr "" -#: ipalib/plugins/internal.py:175 ipalib/plugins/internal.py:280 -#: ipalib/plugins/internal.py:306 -msgid "Active" +#: ipalib/plugins/hbacrule.py:188 ipalib/plugins/sudorule.py:140 +#: ipalib/plugins/user.py:168 +msgid "Users" msgstr "" -#: ipalib/plugins/internal.py:176 ipalib/plugins/internal.py:282 -msgid "Allow" +#: ipalib/plugins/hbacrule.py:196 ipalib/plugins/host.py:248 +#: ipalib/plugins/sudorule.py:148 +msgid "Hosts" msgstr "" -#: ipalib/plugins/internal.py:177 ipalib/plugins/internal.py:283 -msgid "Deny" +#: ipalib/plugins/hbacrule.py:200 ipalib/plugins/hostgroup.py:74 +#: ipalib/plugins/sudorule.py:152 +msgid "Host Groups" msgstr "" -#: ipalib/plugins/internal.py:178 ipalib/plugins/internal.py:281 -#: ipalib/plugins/internal.py:308 -msgid "Inactive" +#: ipalib/plugins/hbacrule.py:204 +msgid "Source Hosts" msgstr "" -#: ipalib/plugins/internal.py:179 ipalib/plugins/internal.py:296 -msgid "Rule status" +#: ipalib/plugins/hbacrule.py:208 +msgid "Source Host Groups" msgstr "" -#: ipalib/plugins/internal.py:180 ipalib/plugins/internal.py:284 -msgid "Who" +#: ipalib/plugins/hbacrule.py:212 ipalib/plugins/internal.py:359 +#: ipalib/plugins/service.py:222 +msgid "Services" msgstr "" -#: ipalib/plugins/internal.py:181 ipalib/plugins/internal.py:285 -msgid "Anyone" -msgstr "" - -#: ipalib/plugins/internal.py:182 ipalib/plugins/internal.py:286 -msgid "Specified Users and Groups" -msgstr "" - -#: ipalib/plugins/internal.py:183 -msgid "Accessing" -msgstr "" - -#: ipalib/plugins/internal.py:184 ipalib/plugins/internal.py:288 -msgid "Any Host" -msgstr "" - -#: ipalib/plugins/internal.py:185 ipalib/plugins/internal.py:289 -msgid "Specified Hosts and Groups" -msgstr "" - -#: ipalib/plugins/internal.py:186 -msgid "Via Service" -msgstr "" - -#: ipalib/plugins/internal.py:187 -msgid "Any Service" -msgstr "" - -#: ipalib/plugins/internal.py:188 -msgid "Specified Services and Groups" -msgstr "" - -#: ipalib/plugins/internal.py:189 -msgid "From" -msgstr "" - -#: ipalib/plugins/internal.py:192 -msgid "Add HBAC Service" -msgstr "" - -#: ipalib/plugins/internal.py:195 -msgid "Add HBAC Service Group" -msgstr "" - -#: ipalib/plugins/internal.py:199 -msgid "Add Host" -msgstr "" - -#: ipalib/plugins/internal.py:200 -msgid "Host Certificate" +#: ipalib/plugins/hbacrule.py:216 +msgid "Service Groups" msgstr "" -#: ipalib/plugins/internal.py:201 ipalib/plugins/internal.py:259 -msgid "Host Name" +#: ipalib/plugins/hbacrule.py:225 +msgid "Create a new HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:202 -msgid "Host Settings" +#: ipalib/plugins/hbacrule.py:227 +#, python-format +msgid "Added HBAC rule \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:203 -msgid "Enrolled?" +#: ipalib/plugins/hbacrule.py:238 +msgid "Delete an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:204 -msgid "Enrollment" +#: ipalib/plugins/hbacrule.py:240 +#, python-format +msgid "Deleted HBAC rule \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:205 -msgid "Fully Qualified Host Name" +#: ipalib/plugins/hbacrule.py:246 +msgid "Modify an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:207 ipalib/plugins/internal.py:262 -msgid "Status" +#: ipalib/plugins/hbacrule.py:248 +#, python-format +msgid "Modified HBAC rule \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:208 -msgid "Kerberos Key Present, Host Provisioned" +#: ipalib/plugins/hbacrule.py:270 +msgid "Search for HBAC rules." msgstr "" -#: ipalib/plugins/internal.py:209 ipalib/plugins/internal.py:264 -msgid "Delete Key, Unprovision" -msgstr "" +#: ipalib/plugins/hbacrule.py:273 +#, python-format +msgid "%(count)d HBAC rule matched" +msgid_plural "%(count)d HBAC rules matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/internal.py:210 ipalib/plugins/internal.py:265 -msgid "Kerberos Key Not Present" +#: ipalib/plugins/hbacrule.py:280 +msgid "Display the properties of an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:211 -msgid "Enroll via One-Time-Password" +#: ipalib/plugins/hbacrule.py:286 +msgid "Enable an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:212 -msgid "Set OTP" +#: ipalib/plugins/hbacrule.py:288 +#, python-format +msgid "Enabled HBAC rule \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:213 -msgid "One-Time-Password has been set." +#: ipalib/plugins/hbacrule.py:313 +msgid "Disable an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:214 ipalib/plugins/internal.py:266 -msgid "Unprovisioning ${entity}" +#: ipalib/plugins/hbacrule.py:315 +#, python-format +msgid "Disabled HBAC rule \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:215 -msgid "Are you sure you want to unprovision this host?" +#: ipalib/plugins/hbacrule.py:347 ipalib/plugins/hbacrule.py:387 +msgid "Access time" msgstr "" -#: ipalib/plugins/internal.py:216 ipalib/plugins/internal.py:268 -msgid "Unprovision" +#: ipalib/plugins/hbacrule.py:421 +msgid "Add users and groups to an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:219 -msgid "Add Host Group" +#: ipalib/plugins/hbacrule.py:440 +msgid "Remove users and groups from an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:220 -msgid "Host Group Settings" +#: ipalib/plugins/hbacrule.py:449 +msgid "Add target hosts and hostgroups to an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:223 -msgid "Kerberos ticket policy" +#: ipalib/plugins/hbacrule.py:468 +msgid "Remove target hosts and hostgroups from an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:226 -msgid "Add Netgroup" +#: ipalib/plugins/hbacrule.py:477 +msgid "Add source hosts and hostgroups from a HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:227 -msgid "Netgroup Settings" +#: ipalib/plugins/hbacrule.py:524 +msgid "Remove source hosts and hostgroups from an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:230 -msgid "Add Permission" +#: ipalib/plugins/hbacrule.py:558 +msgid "Add services to an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:231 ipalib/plugins/internal.py:376 -msgid "Identity" +#: ipalib/plugins/hbacrule.py:577 +msgid "Remove service and service groups from an HBAC rule." msgstr "" -#: ipalib/plugins/internal.py:233 -msgid "Target" +#: ipalib/plugins/hbacsvc.py:27 +msgid "" +"\n" +"HBAC Services\n" +"\n" +"The PAM services that HBAC can control access to. The name used here\n" +"must match the service name that PAM is evaluating.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add a new HBAC service:\n" +" ipa hbacsvc-add tftp\n" +"\n" +" Modify an existing HBAC service:\n" +" ipa hbacsvc-mod --desc=\"TFTP service\" tftp\n" +"\n" +" Search for HBAC services. This example will return two results, the FTP\n" +" service and the newly-added tftp service:\n" +" ipa hbacsvc-find ftp\n" +"\n" +" Delete an HBAC service:\n" +" ipa hbacsvc-del tftp\n" +"\n" msgstr "" -#: ipalib/plugins/internal.py:235 -msgid "By Subtree" +#: ipalib/plugins/hbacsvc.py:50 ipalib/plugins/hbacsvcgroup.py:49 +msgid "Host based access control commands" msgstr "" -#: ipalib/plugins/internal.py:236 -msgid "Target Group" +#: ipalib/plugins/hbacsvc.py:57 ipalib/plugins/hbacsvc.py:73 +msgid "HBAC service" msgstr "" -#: ipalib/plugins/internal.py:237 -msgid "Object By Type" +#: ipalib/plugins/hbacsvc.py:58 +msgid "HBAC services" msgstr "" -#: ipalib/plugins/internal.py:238 -msgid "Permission with invalid target specification" +#: ipalib/plugins/hbacsvc.py:66 +msgid "HBAC Services" msgstr "" -#: ipalib/plugins/internal.py:241 -msgid "Add Privilege" +#: ipalib/plugins/hbacsvc.py:67 +msgid "HBAC Service" msgstr "" -#: ipalib/plugins/internal.py:242 -msgid "Privilege Settings" +#: ipalib/plugins/hbacsvc.py:72 +msgid "Service name" msgstr "" -#: ipalib/plugins/internal.py:245 -msgid "Add Password Policy" +#: ipalib/plugins/hbacsvc.py:80 +msgid "HBAC service description" msgstr "" -#: ipalib/plugins/internal.py:246 ipalib/plugins/pwpolicy.py:219 -msgid "Password Policy" +#: ipalib/plugins/hbacsvc.py:88 +msgid "Add a new HBAC service." msgstr "" -#: ipalib/plugins/internal.py:249 -msgid "Add Role" +#: ipalib/plugins/hbacsvc.py:90 +#, python-format +msgid "Added HBAC service \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:250 -msgid "Role Settings" +#: ipalib/plugins/hbacsvc.py:96 +msgid "Delete an existing HBAC service." msgstr "" -#: ipalib/plugins/internal.py:253 -msgid "Add Self Service Definition" +#: ipalib/plugins/hbacsvc.py:98 +#, python-format +msgid "Deleted HBAC service \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:256 -msgid "Add Service" +#: ipalib/plugins/hbacsvc.py:104 +msgid "Modify an HBAC service." msgstr "" -#: ipalib/plugins/internal.py:257 -msgid "Service Certificate" +#: ipalib/plugins/hbacsvc.py:106 +#, python-format +msgid "Modified HBAC service \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:258 -msgid "Service Settings" +#: ipalib/plugins/hbacsvc.py:112 +msgid "Search for HBAC services." msgstr "" -#: ipalib/plugins/internal.py:260 -msgid "Provisioning" -msgstr "" +#: ipalib/plugins/hbacsvc.py:115 +#, python-format +msgid "%(count)d HBAC service matched" +msgid_plural "%(count)d HBAC services matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/internal.py:261 -msgid "Service" +#: ipalib/plugins/hbacsvc.py:122 +msgid "Display information about an HBAC service." msgstr "" -#: ipalib/plugins/internal.py:263 -msgid "Kerberos Key Present, Service Provisioned" +#: ipalib/plugins/hbacsvcgroup.py:24 +msgid "" +"\n" +"HBAC Service Groups\n" +"\n" +"HBAC service groups can contain any number of individual services,\n" +"or \"members\". Every group must have a description.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add a new HBAC service group:\n" +" ipa hbacsvcgroup-add --desc=\"login services\" login\n" +"\n" +" Add members to an HBAC service group:\n" +" ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login\n" +"\n" +" Display information about a named group:\n" +" ipa hbacsvcgroup-show login\n" +"\n" +" Add a new group to the \"login\" group:\n" +" ipa hbacsvcgroup-add --desc=\"switch users\" login\n" +" ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login\n" +"\n" +" Delete an HBAC service group:\n" +" ipa hbacsvcgroup-del login\n" msgstr "" -#: ipalib/plugins/internal.py:267 -msgid "Are you sure you want to unprovision this service?" +#: ipalib/plugins/hbacsvcgroup.py:56 +msgid "HBAC service group" msgstr "" -#: ipalib/plugins/internal.py:271 -msgid "Add Sudo Command" +#: ipalib/plugins/hbacsvcgroup.py:57 +msgid "HBAC service groups" msgstr "" -#: ipalib/plugins/internal.py:275 -msgid "Add Sudo Command Group" +#: ipalib/plugins/hbacsvcgroup.py:65 +msgid "HBAC Service Groups" msgstr "" -#: ipalib/plugins/internal.py:276 ipalib/plugins/sudocmdgroup.py:80 -msgid "Commands" +#: ipalib/plugins/hbacsvcgroup.py:66 +msgid "HBAC Service Group" msgstr "" -#: ipalib/plugins/internal.py:279 -msgid "Add Sudo Rule" +#: ipalib/plugins/hbacsvcgroup.py:71 +msgid "Service group name" msgstr "" -#: ipalib/plugins/internal.py:287 -msgid "Access this host" +#: ipalib/plugins/hbacsvcgroup.py:78 +msgid "HBAC service group description" msgstr "" -#: ipalib/plugins/internal.py:290 -msgid "Run Commands" +#: ipalib/plugins/hbacsvcgroup.py:86 +msgid "Add a new HBAC service group." msgstr "" -#: ipalib/plugins/internal.py:291 -msgid "Any Command" +#: ipalib/plugins/hbacsvcgroup.py:88 +#, python-format +msgid "Added HBAC service group \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:292 -msgid "Specified Commands and Groups" +#: ipalib/plugins/hbacsvcgroup.py:94 +msgid "Delete an HBAC service group." msgstr "" -#: ipalib/plugins/internal.py:293 -msgid "As Whom" +#: ipalib/plugins/hbacsvcgroup.py:96 +#, python-format +msgid "Deleted HBAC service group \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:294 -msgid "Any Group" +#: ipalib/plugins/hbacsvcgroup.py:102 +msgid "Modify an HBAC service group." msgstr "" -#: ipalib/plugins/internal.py:295 -msgid "Specified Groups" +#: ipalib/plugins/hbacsvcgroup.py:104 +#, python-format +msgid "Modified HBAC service group \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:297 -msgid "External" +#: ipalib/plugins/hbacsvcgroup.py:110 +msgid "Search for an HBAC service group." msgstr "" -#: ipalib/plugins/internal.py:300 -msgid "Add User" -msgstr "" +#: ipalib/plugins/hbacsvcgroup.py:113 +#, python-format +msgid "%(count)d HBAC service group matched" +msgid_plural "%(count)d HBAC service groups matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/internal.py:301 -msgid "Account Settings" +#: ipalib/plugins/hbacsvcgroup.py:120 +msgid "Display information about an HBAC service group." msgstr "" -#: ipalib/plugins/internal.py:302 -msgid "Contact Settings" +#: ipalib/plugins/hbacsvcgroup.py:126 +msgid "Add members to an HBAC service group." msgstr "" -#: ipalib/plugins/internal.py:303 -msgid "Mailing Address" +#: ipalib/plugins/hbacsvcgroup.py:132 +msgid "Remove members from an HBAC service group." msgstr "" -#: ipalib/plugins/internal.py:304 -msgid "Employee Information" +#: ipalib/plugins/hbactest.py:27 +msgid "" +"\n" +"Simulate use of Host-based access controls\n" +"\n" +"HBAC rules control who can access what services on what hosts and from " +"where.\n" +"You can use HBAC to control which users or groups on a source host can\n" +"access a service, or group of services, on a target host.\n" +"\n" +"Since applying HBAC rules implies use of a production environment,\n" +"this plugin aims to provide simulation of HBAC rules evaluation without\n" +"having access to the production environment.\n" +"\n" +" Test user coming from source host to a service on a named host against\n" +" existing enabled rules.\n" +"\n" +" ipa hbactest --user= --srchost= --host= --service=\n" +" [--rules=rules-list] [--nodetail] [--enabled] [--disabled]\n" +"\n" +" --user, --srchost, --host, and --service are mandatory, others are " +"optional.\n" +"\n" +" If --rules is specified simulate enabling of the specified rules and test\n" +" the login of the user using only these rules.\n" +"\n" +" If --enabled is specified, all enabled HBAC rules will be added to " +"simulation\n" +"\n" +" If --disabled is specified, all disabled HBAC rules will be added to " +"simulation\n" +"\n" +" If --nodetail is specified, do not return information about rules matched/" +"not matched.\n" +"\n" +" If both --rules and --enabled are specified, apply simulation to --rules " +"_and_\n" +" all IPA enabled rules.\n" +"\n" +" If no --rules specified, simulation is run against all IPA enabled rules.\n" +"\n" +"EXAMPLES:\n" +"\n" +" 1. Use all enabled HBAC rules in IPA database to simulate:\n" +" $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd\n" +" --------------------\n" +" Access granted: True\n" +" --------------------\n" +" notmatched: my-second-rule\n" +" notmatched: my-third-rule\n" +" notmatched: myrule\n" +" matched: allow_all\n" +"\n" +" 2. Disable detailed summary of how rules were applied:\n" +" $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd --" +"nodetail\n" +" --------------------\n" +" Access granted: True\n" +" --------------------\n" +"\n" +" 3. Test explicitly specified HBAC rules:\n" +" $ ipa hbactest --user=a1a --srchost=foo --host=bar --" +"service=sshd --rules=my-second-rule,myrule\n" +" ---------------------\n" +" Access granted: False\n" +" ---------------------\n" +" notmatched: my-second-rule\n" +" notmatched: myrule\n" +"\n" +" 4. Use all enabled HBAC rules in IPA database + explicitly specified " +"rules:\n" +" $ ipa hbactest --user=a1a --srchost=foo --host=bar --" +"service=sshd --rules=my-second-rule,myrule --enabled\n" +" --------------------\n" +" Access granted: True\n" +" --------------------\n" +" notmatched: my-second-rule\n" +" notmatched: my-third-rule\n" +" notmatched: myrule\n" +" matched: allow_all\n" +"\n" +" 5. Test all disabled HBAC rules in IPA database:\n" +" $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd --" +"disabled\n" +" ---------------------\n" +" Access granted: False\n" +" ---------------------\n" +" notmatched: new-rule\n" +"\n" +" 6. Test all disabled HBAC rules in IPA database + explicitly specified " +"rules:\n" +" $ ipa hbactest --user=a1a --srchost=foo --host=bar --" +"service=sshd --rules=my-second-rule,myrule --disabled\n" +" ---------------------\n" +" Access granted: False\n" +" ---------------------\n" +" notmatched: my-second-rule\n" +" notmatched: my-third-rule\n" +" notmatched: myrule\n" +"\n" +" 7. Test all (enabled and disabled) HBAC rules in IPA database:\n" +" $ ipa hbactest --user=a1a --srchost=foo --host=bar --" +"service=sshd --enabled --disabled\n" +" --------------------\n" +" Access granted: True\n" +" --------------------\n" +" notmatched: my-second-rule\n" +" notmatched: my-third-rule\n" +" notmatched: myrule\n" +" notmatched: new-rule\n" +" matched: allow_all\n" +"\n" +msgstr "" + +#: ipalib/plugins/hbactest.py:161 +msgid "Simulate use of Host-based access controls" +msgstr "" + +#: ipalib/plugins/hbactest.py:165 +msgid "Matched rules" +msgstr "" + +#: ipalib/plugins/hbactest.py:166 +msgid "Not matched rules" +msgstr "" + +#: ipalib/plugins/hbactest.py:167 +msgid "Non-existent or invalid rules" +msgstr "" + +#: ipalib/plugins/hbactest.py:168 +msgid "Result of simulation" +msgstr "" + +#: ipalib/plugins/hbactest.py:174 ipalib/plugins/krbtpolicy.py:85 +#: ipalib/plugins/passwd.py:69 +msgid "User name" msgstr "" -#: ipalib/plugins/internal.py:305 -msgid "Misc. Information" +#: ipalib/plugins/hbactest.py:179 +msgid "Source host" msgstr "" -#: ipalib/plugins/internal.py:307 -msgid "Click to Deactivate" +#: ipalib/plugins/hbactest.py:183 +msgid "Target host" msgstr "" -#: ipalib/plugins/internal.py:309 -msgid "Click to Activate" +#: ipalib/plugins/hbactest.py:187 ipalib/plugins/internal.py:430 +#: ipalib/plugins/service.py:223 +msgid "Service" msgstr "" -#: ipalib/plugins/internal.py:310 -msgid "Error changing account status" +#: ipalib/plugins/hbactest.py:191 +msgid "Rules to test. If not specified, --enabled is assumed" msgstr "" -#: ipalib/plugins/internal.py:311 -msgid "Reset Password" +#: ipalib/plugins/hbactest.py:196 +msgid "Hide details which rules are matched, not matched, or invalid" msgstr "" -#: ipalib/plugins/internal.py:312 -msgid "New Password" +#: ipalib/plugins/hbactest.py:200 +msgid "Include all enabled IPA rules into test [default]" msgstr "" -#: ipalib/plugins/internal.py:313 -msgid "Repeat Password" +#: ipalib/plugins/hbactest.py:204 +msgid "Include all disabled IPA rules into test" msgstr "" -#: ipalib/plugins/internal.py:314 -msgid "Password change complete" +#: ipalib/plugins/hbactest.py:266 +msgid "Unresolved rules in --rules" msgstr "" -#: ipalib/plugins/internal.py:315 -msgid "Passwords must match" +#: ipalib/plugins/hbactest.py:342 +#, python-format +msgid "Access granted: %s" msgstr "" -#: ipalib/plugins/internal.py:319 -msgid "Add" +#: ipalib/plugins/host.py:42 +msgid "" +"\n" +"Hosts/Machines\n" +"\n" +"A host represents a machine. It can be used in a number of contexts:\n" +"- service entries are associated with a host\n" +"- a host stores the host/ service principal\n" +"- a host can be used in Host-based Access Control (HBAC) rules\n" +"- every enrolled client generates a host entry\n" +"\n" +"ENROLLMENT:\n" +"\n" +"There are three enrollment scenarios when enrolling a new client:\n" +"\n" +"1. You are enrolling as a full administrator. The host entry may exist\n" +" or not. A full administrator is a member of the hostadmin role\n" +" or the admins group.\n" +"2. You are enrolling as a limited administrator. The host must already\n" +" exist. A limited administrator is a member a role with the\n" +" Host Enrollment privilege.\n" +"3. The host has been created with a one-time password.\n" +"\n" +"A host can only be enrolled once. If a client has enrolled and needs to\n" +"be re-enrolled, the host entry must be removed and re-created. Note that\n" +"re-creating the host entry will result in all services for the host being\n" +"removed, and all SSL certificates associated with those services being\n" +"revoked.\n" +"\n" +"A host can optionally store information such as where it is located,\n" +"the OS that it runs, etc.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add a new host:\n" +" ipa host-add --location=\"3rd floor lab\" --locality=Dallas test.example." +"com\n" +"\n" +" Delete a host:\n" +" ipa host-del test.example.com\n" +"\n" +" Add a new host with a one-time password:\n" +" ipa host-add --os='Fedora 12' --password=Secret123 test.example.com\n" +"\n" +" Add a new host with a random one-time password:\n" +" ipa host-add --os='Fedora 12' --random test.example.com\n" +"\n" +" Modify information about a host:\n" +" ipa host-mod --os='Fedora 12' test.example.com\n" +"\n" +" Disable the host Kerberos key, SSL certificate and all of its services:\n" +" ipa host-disable test.example.com\n" +"\n" +" Add a host that can manage this host's keytab and certificate:\n" +" ipa host-add-managedby --hosts=test2 test\n" msgstr "" -#: ipalib/plugins/internal.py:320 -msgid "Add and Add Another" +#: ipalib/plugins/host.py:101 +msgid "Fully-qualified hostname required" msgstr "" -#: ipalib/plugins/internal.py:321 -msgid "Add and Edit" +#: ipalib/plugins/host.py:142 +#, python-format +msgid "DNS reverse zone for IP address %(addr)s not found" msgstr "" -#: ipalib/plugins/internal.py:322 -msgid "Add and Close" +#: ipalib/plugins/host.py:166 ipalib/plugins/service.py:88 +msgid "Keytab" msgstr "" -#: ipalib/plugins/internal.py:323 -msgid "Add Many" +#: ipalib/plugins/host.py:207 +msgid "invalid IP address" msgstr "" -#: ipalib/plugins/internal.py:324 -msgid "Back to List" +#: ipalib/plugins/host.py:216 +msgid "host" msgstr "" -#: ipalib/plugins/internal.py:325 -msgid "Cancel" +#: ipalib/plugins/host.py:217 +msgid "hosts" msgstr "" -#: ipalib/plugins/internal.py:326 -msgid "Close" +#: ipalib/plugins/host.py:249 +msgid "Host" msgstr "" -#: ipalib/plugins/internal.py:327 -msgid "Enroll" +#: ipalib/plugins/host.py:257 +msgid "Host name" msgstr "" -#: ipalib/plugins/internal.py:328 -msgid "Find" +#: ipalib/plugins/host.py:264 +msgid "A description of this host" msgstr "" -#: ipalib/plugins/internal.py:329 -msgid "Get" +#: ipalib/plugins/host.py:268 +msgid "Locality" msgstr "" -#: ipalib/plugins/internal.py:330 -msgid "Issue" +#: ipalib/plugins/host.py:269 +msgid "Host locality (e.g. \"Baltimore, MD\")" msgstr "" -#: ipalib/plugins/internal.py:331 -msgid "OK" +#: ipalib/plugins/host.py:274 +msgid "Host location (e.g. \"Lab 2\")" msgstr "" -#: ipalib/plugins/internal.py:332 -msgid "Reset" +#: ipalib/plugins/host.py:278 +msgid "Platform" msgstr "" -#: ipalib/plugins/internal.py:333 -msgid "Delete" +#: ipalib/plugins/host.py:279 +msgid "Host hardware platform (e.g. \"Lenovo T61\")" msgstr "" -#: ipalib/plugins/internal.py:334 -msgid "Restore" +#: ipalib/plugins/host.py:283 +msgid "Operating system" msgstr "" -#: ipalib/plugins/internal.py:335 -msgid "Retry" +#: ipalib/plugins/host.py:284 +msgid "Host operating system and version (e.g. \"Fedora 9\")" msgstr "" -#: ipalib/plugins/internal.py:336 -msgid "Revoke" +#: ipalib/plugins/host.py:288 +msgid "User password" msgstr "" -#: ipalib/plugins/internal.py:337 -msgid "Update" +#: ipalib/plugins/host.py:289 +msgid "Password used in bulk enrollment" msgstr "" -#: ipalib/plugins/internal.py:338 -msgid "View" +#: ipalib/plugins/host.py:292 +msgid "Generate a random password to be used in bulk enrollment" msgstr "" -#: ipalib/plugins/internal.py:341 -msgid "Available" +#: ipalib/plugins/host.py:297 +msgid "Random password" msgstr "" -#: ipalib/plugins/internal.py:342 -msgid "This page has unsaved changes. Please save or revert." +#: ipalib/plugins/host.py:303 ipalib/plugins/service.py:236 +msgid "Base-64 encoded server certificate" msgstr "" -#: ipalib/plugins/internal.py:343 -msgid "Dirty" +#: ipalib/plugins/host.py:306 ipalib/plugins/host.py:621 +msgid "Principal name" msgstr "" -#: ipalib/plugins/internal.py:344 -msgid "Hide already enrolled." +#: ipalib/plugins/host.py:366 +msgid "Add a new host." msgstr "" -#: ipalib/plugins/internal.py:345 -msgid "Select ${entity} to be removed." +#: ipalib/plugins/host.py:369 +#, python-format +msgid "Added host \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:346 -msgid "Remove ${entity}." +#: ipalib/plugins/host.py:374 +msgid "force host name even if not in DNS" msgstr "" -#: ipalib/plugins/internal.py:347 -msgid "Prospective" +#: ipalib/plugins/host.py:377 +msgid "skip reverse DNS detection" msgstr "" -#: ipalib/plugins/internal.py:350 -msgid "Managed by" +#: ipalib/plugins/host.py:380 +msgid "Add the host to DNS with this IP address" msgstr "" -#: ipalib/plugins/internal.py:351 -msgid "Member" +#: ipalib/plugins/host.py:381 +msgid "IP Address" msgstr "" -#: ipalib/plugins/internal.py:352 -msgid "Indirect Member" +#: ipalib/plugins/host.py:397 ipalib/plugins/host.py:552 +#, python-format +msgid "DNS zone %(zone)s not found" msgstr "" -#: ipalib/plugins/internal.py:353 -msgid "Member Of" +#: ipalib/plugins/host.py:481 +#, python-format +msgid "The host was added but the DNS update failed with: %(exc)s" msgstr "" -#: ipalib/plugins/internal.py:354 -msgid "Indirect Member Of" +#: ipalib/plugins/host.py:499 +msgid "Delete a host." msgstr "" -#: ipalib/plugins/internal.py:355 ipalib/plugins/internal.py:359 -msgid "Settings" +#: ipalib/plugins/host.py:501 +#, python-format +msgid "Deleted host \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:358 -msgid "Search" +#: ipalib/plugins/host.py:506 +msgid "Remove entries from DNS" msgstr "" -#: ipalib/plugins/internal.py:362 -msgid "Quick Links" +#: ipalib/plugins/host.py:612 +msgid "Modify information about a host." msgstr "" -#: ipalib/plugins/internal.py:363 -msgid "Select All" +#: ipalib/plugins/host.py:615 +#, python-format +msgid "Modified host \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:364 -msgid "Unselect All" +#: ipalib/plugins/host.py:622 +msgid "Kerberos principal name for this host" msgstr "" -#: ipalib/plugins/internal.py:365 -msgid "Are you sure you want to delete selected entries?" +#: ipalib/plugins/host.py:634 +msgid "Password cannot be set on enrolled host." msgstr "" -#: ipalib/plugins/internal.py:366 -msgid "" -"Query returned more results than the configured size limit. Displaying the " -"first ${counter} results." +#: ipalib/plugins/host.py:708 +msgid "Search for hosts." msgstr "" -#: ipalib/plugins/internal.py:370 -msgid "General" +#: ipalib/plugins/host.py:712 +#, python-format +msgid "%(count)d host matched" +msgid_plural "%(count)d hosts matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/host.py:742 +msgid "Display information about a host." msgstr "" -#: ipalib/plugins/internal.py:371 -msgid "Identity Settings" +#: ipalib/plugins/host.py:747 ipalib/plugins/service.py:396 +msgid "file to store certificate in" msgstr "" -#: ipalib/plugins/internal.py:372 -msgid "${entity} ${primary_key} Settings" +#: ipalib/plugins/host.py:775 ipalib/plugins/service.py:414 +#, python-format +msgid "Certificate stored in file '%(file)s'" msgstr "" -#: ipalib/plugins/internal.py:373 -msgid "Back to Top" +#: ipalib/plugins/host.py:786 +msgid "Disable the Kerberos key, SSL certificate and all services of a host." msgstr "" -#: ipalib/plugins/internal.py:377 -msgid "Policy" +#: ipalib/plugins/host.py:789 +#, python-format +msgid "Disabled host \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:378 -msgid "Audit" +#: ipalib/plugins/host.py:876 +msgid "Add hosts that can manage this host." msgstr "" -#: ipalib/plugins/internal.py:379 -msgid "IPA Server" +#: ipalib/plugins/host.py:890 +msgid "Remove hosts that can manage this host." msgstr "" -#: ipalib/plugins/internal.py:380 -msgid "Sudo" +#: ipalib/plugins/hostgroup.py:25 +msgid "" +"\n" +"Groups of hosts.\n" +"\n" +"Manage groups of hosts. This is useful for applying access control to a\n" +"number of hosts by using Host-based Access Control.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add a new host group:\n" +" ipa hostgroup-add --desc=\"Baltimore hosts\" baltimore\n" +"\n" +" Add another new host group:\n" +" ipa hostgroup-add --desc=\"Maryland hosts\" maryland\n" +"\n" +" Add members to the hostgroup:\n" +" ipa hostgroup-add-member --hosts=box1,box2,box3 baltimore\n" +"\n" +" Add a hostgroup as a member of another hostgroup:\n" +" ipa hostgroup-add-member --hostgroups=baltimore maryland\n" +"\n" +" Remove a host from the hostgroup:\n" +" ipa hostgroup-remove-member --hosts=box2 baltimore\n" +"\n" +" Display a host group:\n" +" ipa hostgroup-show baltimore\n" +"\n" +" Delete a hostgroup:\n" +" ipa hostgroup-del baltimore\n" msgstr "" -#: ipalib/plugins/internal.py:381 -msgid "Host Based Access Control" +#: ipalib/plugins/hostgroup.py:60 +msgid "host group" msgstr "" -#: ipalib/plugins/internal.py:382 -msgid "Role Based Access Control" +#: ipalib/plugins/hostgroup.py:61 +msgid "host groups" msgstr "" -#: ipalib/plugins/internal.py:383 -msgid "Automount" +#: ipalib/plugins/hostgroup.py:75 +msgid "Host Group" msgstr "" -#: ipalib/plugins/internal.py:386 -msgid "Add ${other_entity} into ${entity} ${primary_key}" +#: ipalib/plugins/hostgroup.py:80 +msgid "Host-group" msgstr "" -#: ipalib/plugins/internal.py:387 -msgid "${other_entity} enrolled in ${entity} ${primary_key}" +#: ipalib/plugins/hostgroup.py:81 +msgid "Name of host-group" msgstr "" -#: ipalib/plugins/internal.py:388 -msgid "${entity} ${primary_key} is enrolled in the following ${other_entity}" +#: ipalib/plugins/hostgroup.py:88 +msgid "A description of this host-group" msgstr "" -#: ipalib/plugins/internal.py:389 -msgid "Remove ${other_entity} from ${entity} ${primary_key}" +#: ipalib/plugins/hostgroup.py:114 +msgid "Add a new hostgroup." msgstr "" -#: ipalib/plugins/internal.py:392 -msgid "Text does not match field pattern" +#: ipalib/plugins/hostgroup.py:116 +#, python-format +msgid "Added hostgroup \"%(value)s\"" msgstr "" -#: ipalib/plugins/internal.py:395 +#: ipalib/plugins/hostgroup.py:131 +#, python-format msgid "" -"Your Kerberos ticket is no longer valid. Please run kinit and then click " -"'Retry'. If this is your first time running the IPA Web UI follow these directions to configure your " -"browser." +"netgroup with name \"%s\" already exists. Hostgroups and netgroups share a " +"common namespace" msgstr "" -#: ipalib/plugins/internal.py:399 -msgid "Dict of I18N messages" +#: ipalib/plugins/hostgroup.py:153 +msgid "Delete a hostgroup." msgstr "" -#: ipalib/plugins/kerberos.py:20 -msgid "" -"\n" -"Backend plugin for Kerberos.\n" -"\n" -"This wraps the python-kerberos and python-krbV bindings.\n" +#: ipalib/plugins/hostgroup.py:155 +#, python-format +msgid "Deleted hostgroup \"%(value)s\"" msgstr "" -#: ipalib/plugins/kerberos.py:35 -msgid "" -"\n" -" Kerberos backend plugin.\n" -"\n" -" This wraps the `krbV` bindings (and will eventually wrap the `kerberos`\n" -" bindings also). Importantly, this plugin does correct Unicode\n" -" encoding/decoding of values going-to/coming-from the bindings.\n" -" " +#: ipalib/plugins/hostgroup.py:161 +msgid "Modify a hostgroup." msgstr "" -#: ipalib/plugins/kerberos.py:44 -msgid "" -"\n" -" Return the ``krbV.CCache`` for the default credential cache.\n" -" " +#: ipalib/plugins/hostgroup.py:163 +#, python-format +msgid "Modified hostgroup \"%(value)s\"" msgstr "" -#: ipalib/plugins/kerberos.py:50 -msgid "" -"\n" -" Return the ``krb5.Principal`` for the default credential cache.\n" -" " +#: ipalib/plugins/hostgroup.py:173 +msgid "Search for hostgroups." msgstr "" -#: ipalib/plugins/kerberos.py:56 -msgid "" -"\n" -" Return the ``krbV.CCache`` for the ``ccname`` credential ccache.\n" -" " +#: ipalib/plugins/hostgroup.py:177 +#, python-format +msgid "%(count)d hostgroup matched" +msgid_plural "%(count)d hostgroups matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/hostgroup.py:191 +msgid "Display information about a hostgroup." msgstr "" -#: ipalib/plugins/kerberos.py:62 -msgid "" -"\n" -" Return the ``krb5.Principal`` for the ``ccname`` credential ccache.\n" -" " +#: ipalib/plugins/hostgroup.py:201 +msgid "Add members to a hostgroup." msgstr "" -#: ipalib/plugins/kerberos.py:68 -msgid "" -"\n" -" Return the default ccache file name.\n" -"\n" -" This will return something like '/tmp/krb5cc_500'.\n" -"\n" -" This cannot return anything meaningful if used in the server as a\n" -" request is processed.\n" -" " +#: ipalib/plugins/hostgroup.py:211 +msgid "Remove members from a hostgroup." msgstr "" -#: ipalib/plugins/kerberos.py:79 -msgid "" -"\n" -" Return the principal name in default credential cache.\n" -"\n" -" This will return something like 'admin@EXAMPLE.COM'. If no " -"credential\n" -" cache exists for the invoking user, None is returned.\n" -"\n" -" This cannot return anything meaningful if used in the server as a\n" -" request is processed.\n" -" " +#: ipalib/plugins/internal.py:44 ipalib/plugins/internal.py:53 +msgid "Name of object to export" msgstr "" -#: ipalib/plugins/kerberos.py:91 -msgid "" -"\n" -" Return the realm from the default credential cache.\n" -"\n" -" This will return something like 'EXAMPLE.COM'. If no credential " -"cache\n" -" exists for the invoking user, None is returned.\n" -"\n" -" This cannot return anything meaningful if used in the server as a\n" -" request is processed.\n" -" " +#: ipalib/plugins/internal.py:47 ipalib/plugins/internal.py:56 +msgid "Name of method to export" msgstr "" -#: ipalib/plugins/kerberos.py:103 -msgid "" -"\n" -" Return the principal from credential cache file at ``ccname``.\n" -"\n" -" This will return something like 'admin@EXAMPLE.COM'.\n" -" " +#: ipalib/plugins/internal.py:59 +msgid "Name of command to export" msgstr "" -#: ipalib/plugins/kerberos.py:111 -msgid "" -"\n" -" Return the realm from credential cache file at ``ccname``.\n" -"\n" -" This will return something like 'EXAMPLE.COM'.\n" -" " +#: ipalib/plugins/internal.py:64 +msgid "Dict of JSON encoded IPA Objects" msgstr "" -#: ipalib/plugins/krbtpolicy.py:19 -msgid "" -"\n" -"Kerberos ticket policy\n" -"\n" -"There is a single Kerberos ticket policy. This policy defines the\n" -"maximum ticket lifetime and the maximum renewal age, the period during\n" -"which the ticket is renewable.\n" -"\n" -"You can also create a per-user ticket policy by specifying the user login.\n" -"\n" -"For changes to the global policy to take effect, restarting the KDC service\n" -"is required, which can be achieved using:\n" -"\n" -"service krb5kdc restart\n" -"\n" -"Changes to per-user policies take effect immediately for newly requested\n" -"tickets (e.g. when the user next runs kinit).\n" -"\n" -"EXAMPLES:\n" -"\n" -" Display the current Kerberos ticket policy:\n" -" ipa krbtpolicy-show\n" -"\n" -" Reset the policy to the default:\n" -" ipa krbtpolicy-reset\n" -"\n" -" Modify the policy to 8 hours max life, 1-day max renewal:\n" -" ipa krbtpolicy-mod --maxlife=28800 --maxrenew=86400\n" -"\n" -" Display effective Kerberos ticket policy for user 'admin':\n" -" ipa krbtpolicy-show admin\n" -"\n" -" Reset per-user policy for user 'admin':\n" -" ipa krbtpolicy-reset admin\n" -"\n" -" Modify per-user policy for user 'admin':\n" -" ipa krbtpolicy-mod admin --maxlife=3600\n" +#: ipalib/plugins/internal.py:65 +msgid "Dict of JSON encoded IPA Methods" msgstr "" -#: ipalib/plugins/krbtpolicy.py:71 -msgid "" -"\n" -" Kerberos Ticket Policy object\n" -" " +#: ipalib/plugins/internal.py:66 +msgid "Dict of JSON encoded IPA Commands" msgstr "" -#: ipalib/plugins/krbtpolicy.py:79 -msgid "Kerberos Ticket Policy" +#: ipalib/plugins/internal.py:147 +msgid "" +"Your Kerberos ticket is no longer valid. Please run kinit and then click " +"'Retry'. If this is your first time running the IPA Web UI follow these directions to configure your " +"browser." msgstr "" -#: ipalib/plugins/krbtpolicy.py:84 ipalib/plugins/passwd.py:53 -msgid "User name" +#: ipalib/plugins/internal.py:148 +msgid "Kerberos ticket no longer valid." msgstr "" -#: ipalib/plugins/krbtpolicy.py:85 -msgid "Manage ticket policy for specific user" +#: ipalib/plugins/internal.py:153 +msgid "Add RunAs ${other_entity} into ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/krbtpolicy.py:90 -msgid "Max life" +#: ipalib/plugins/internal.py:154 +msgid "Add RunAs Groups into ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/krbtpolicy.py:91 -msgid "Maximum ticket life (seconds)" +#: ipalib/plugins/internal.py:155 +msgid "Add ${other_entity} Managing ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/krbtpolicy.py:96 -msgid "Max renew" +#: ipalib/plugins/internal.py:156 +msgid "Add ${other_entity} into ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/krbtpolicy.py:97 -msgid "Maximum renewable age (seconds)" +#: ipalib/plugins/internal.py:157 +msgid "Add Allow ${other_entity} into ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/krbtpolicy.py:111 -msgid "" -"\n" -" Modify Kerberos ticket policy.\n" -" " +#: ipalib/plugins/internal.py:158 +msgid "Add Deny ${other_entity} into ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/krbtpolicy.py:125 -msgid "" -"\n" -" Display the current Kerberos ticket policy.\n" -" " +#: ipalib/plugins/internal.py:159 +msgid "Add ${entity} ${primary_key} into ${other_entity}" msgstr "" -#: ipalib/plugins/krbtpolicy.py:149 -msgid "" -"\n" -" Reset Kerberos ticket policy to the default values.\n" -" " +#: ipalib/plugins/internal.py:160 +msgid "Add Source ${other_entity} into ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/migration.py:19 -msgid "" -"\n" -"Migration to IPA\n" -"\n" -"Migrate users and groups from an LDAP server to IPA.\n" -"\n" -"This performs an LDAP query against the remote server searching for\n" -"users and groups in a container. In order to migrate passwords you need\n" -"to bind as a user that can read the userPassword attribute on the remote\n" -"server. This is generally restricted to high-level admins such as\n" -"cn=Directory Manager in 389-ds (this is the default bind user).\n" -"\n" -"The default user container is ou=People.\n" -"\n" -"The default group container is ou=Groups.\n" -"\n" -"Users and groups that already exist on the IPA server are skipped.\n" -"\n" -"Two LDAP schemas define how group members are stored: RFC2307 and\n" -"RFC2307bis. RFC2307bis uses member and uniquemember to specify group\n" -"members, RFC2307 uses memberUid. The default schema is RFC2307bis.\n" -"\n" -"Migrated users do not have Kerberos credentials, they have only their\n" -"LDAP password. To complete the migration process, users need to go\n" -"to http://ipa.example.com/ipa/migration and authenticate using their\n" -"LDAP password in order to generate their Kerberos credentials.\n" -"\n" -"Migration is disabled by default. Use the command ipa config-mod to\n" -"enable it:\n" -"\n" -" ipa config-mod --enable-migration=TRUE\n" -"\n" -"EXAMPLES:\n" -"\n" -" The simplest migration, accepting all defaults:\n" -" ipa migrate-ds ldap://ds.example.com:389\n" -"\n" -" Specify the user and group container. This can be used to migrate user and\n" -" group data from an IPA v1 server:\n" -" ipa migrate-ds --user-container='cn=users,cn=accounts' --group-" -"container='cn=groups,cn=accounts' ldap://ds.example.com:389\n" +#: ipalib/plugins/internal.py:162 +msgid "Direct Membership" msgstr "" -#: ipalib/plugins/migration.py:78 -msgid "" -"Kerberos principal %s already exists. Use 'ipa user-mod' to set it manually." +#: ipalib/plugins/internal.py:163 +msgid "Indirect Membership" msgstr "" -#: ipalib/plugins/migration.py:79 -msgid "" -"Failed to add user to the default group. Use 'ipa group-add-member' to add " -"manually." +#: ipalib/plugins/internal.py:164 +msgid "No entries." msgstr "" -#: ipalib/plugins/migration.py:175 -msgid "" -"\n" -" Convert usernames in member attributes to work in IPA.\n" -" " +#: ipalib/plugins/internal.py:165 +msgid "Showing ${start} to ${end} of ${total} entries." msgstr "" -#: ipalib/plugins/migration.py:220 -msgid "Invalid LDAP URI." +#: ipalib/plugins/internal.py:167 +msgid "Remove RunAs ${other_entity} from ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/migration.py:225 -msgid "" -"\n" -" Migrate users and groups from DS to IPA.\n" -" " +#: ipalib/plugins/internal.py:168 +msgid "Remove RunAs Groups from ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/migration.py:266 -msgid "LDAP URI" +#: ipalib/plugins/internal.py:169 +msgid "Remove ${other_entity} Managing ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/migration.py:267 -msgid "LDAP URI of DS server to migrate from" +#: ipalib/plugins/internal.py:170 +msgid "Remove ${other_entity} from ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/migration.py:272 -msgid "bind password" +#: ipalib/plugins/internal.py:171 +msgid "Remove Allow ${other_entity} from ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/migration.py:279 -msgid "Bind DN" +#: ipalib/plugins/internal.py:172 +msgid "Remove Deny ${other_entity} from ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/migration.py:285 -msgid "User container" +#: ipalib/plugins/internal.py:173 +msgid "Remove ${entity} ${primary_key} from ${other_entity}" msgstr "" -#: ipalib/plugins/migration.py:286 -msgid "RDN of container for users in DS" +#: ipalib/plugins/internal.py:174 +msgid "Remove Source ${other_entity} from ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/migration.py:292 -msgid "Group container" +#: ipalib/plugins/internal.py:176 +msgid "Show Results" msgstr "" -#: ipalib/plugins/migration.py:293 -msgid "RDN of container for groups in DS" +#: ipalib/plugins/internal.py:179 +msgid "Add" msgstr "" -#: ipalib/plugins/migration.py:299 -msgid "User object class" +#: ipalib/plugins/internal.py:180 +msgid "Add and Add Another" msgstr "" -#: ipalib/plugins/migration.py:300 -msgid "" -"Comma-separated list of objectclasses used to search for user entries in DS" +#: ipalib/plugins/internal.py:181 +msgid "Add and Close" msgstr "" -#: ipalib/plugins/migration.py:306 -msgid "Group object class" +#: ipalib/plugins/internal.py:182 +msgid "Add and Edit" msgstr "" -#: ipalib/plugins/migration.py:307 -msgid "" -"Comma-separated list of objectclasses used to search for group entries in DS" +#: ipalib/plugins/internal.py:183 +msgid "Add Many" msgstr "" -#: ipalib/plugins/migration.py:313 -msgid "LDAP schema" +#: ipalib/plugins/internal.py:184 +msgid "Cancel" msgstr "" -#: ipalib/plugins/migration.py:314 -msgid "" -"The schema used on the LDAP server. Supported values are RFC2307 and " -"RFC2307bis. The default is RFC2307bis" +#: ipalib/plugins/internal.py:185 +msgid "Close" msgstr "" -#: ipalib/plugins/migration.py:320 -msgid "" -"Continuous operation mode. Errors are reported but the process continues" +#: ipalib/plugins/internal.py:186 +msgid "Find" msgstr "" -#: ipalib/plugins/migration.py:328 -msgid "Lists of objects migrated; categorized by type." +#: ipalib/plugins/internal.py:187 +msgid "Get" msgstr "" -#: ipalib/plugins/migration.py:332 -msgid "Lists of objects that could not be migrated; categorized by type." +#: ipalib/plugins/internal.py:188 +msgid "Issue" msgstr "" -#: ipalib/plugins/migration.py:336 -msgid "False if migration mode was disabled." +#: ipalib/plugins/internal.py:189 +msgid "OK" msgstr "" -#: ipalib/plugins/migration.py:340 -msgid "comma-separated list of %s to exclude from migration" +#: ipalib/plugins/internal.py:190 +msgid "Delete" msgstr "" -#: ipalib/plugins/migration.py:342 -msgid "" -"search results for objects to be migrated\n" -"have been truncated by the server;\n" -"migration process might be incomplete\n" +#: ipalib/plugins/internal.py:191 +msgid "Reset" msgstr "" -#: ipalib/plugins/migration.py:347 -msgid "Migration mode is disabled. Use 'ipa config-mod' to enable it." +#: ipalib/plugins/internal.py:192 +msgid "Restore" msgstr "" -#: ipalib/plugins/migration.py:350 -msgid "" -"Passwords have been migrated in pre-hashed format.\n" -"IPA is unable to generate Kerberos keys unless provided\n" -"with clear text passwords. All migrated users need to\n" -"login at https://your.domain/ipa/migration/ before they\n" -"can use their Kerberos accounts." +#: ipalib/plugins/internal.py:193 +msgid "Retry" msgstr "" -#: ipalib/plugins/migration.py:358 -msgid "" -"\n" -" Call get_options of the baseclass and add \"exclude\" options\n" -" for each type of object being migrated.\n" -" " +#: ipalib/plugins/internal.py:194 +msgid "Revoke" msgstr "" -#: ipalib/plugins/migration.py:375 -msgid "" -"\n" -" Convert all \"exclude\" option values to lower-case.\n" -"\n" -" Also, empty List parameters are converted to None, but the " -"migration\n" -" plugin doesn't like that - convert back to empty lists.\n" -" " +#: ipalib/plugins/internal.py:195 +msgid "Update" msgstr "" -#: ipalib/plugins/migration.py:399 -msgid "" -"\n" -" Migrate objects from DS to LDAP.\n" -" " +#: ipalib/plugins/internal.py:196 +msgid "View" msgstr "" -#: ipalib/plugins/migration.py:425 -msgid "Container for %(container)s not found" +#: ipalib/plugins/internal.py:199 +msgid "Collapse All" msgstr "" -#: ipalib/plugins/misc.py:20 -msgid "" -"\n" -"Misc plug-ins\n" +#: ipalib/plugins/internal.py:200 +msgid "Expand All" msgstr "" -#: ipalib/plugins/misc.py:36 -msgid "Show environment variables" +#: ipalib/plugins/internal.py:201 +msgid "General" msgstr "" -#: ipalib/plugins/misc.py:38 -msgid "%(count)d variables" +#: ipalib/plugins/internal.py:202 +msgid "Identity Settings" msgstr "" -#: ipalib/plugins/misc.py:47 ipalib/plugins/misc.py:115 -msgid "" -"retrieve and print all attributes from the server. Affects command output." +#: ipalib/plugins/internal.py:203 +msgid "${entity} ${primary_key} Settings" msgstr "" -#: ipalib/plugins/misc.py:61 -msgid "Total number of variables env (>= count)" +#: ipalib/plugins/internal.py:204 +msgid "Back to Top" msgstr "" -#: ipalib/plugins/misc.py:66 -msgid "Number of variables returned (<= total)" +#: ipalib/plugins/internal.py:207 +msgid "${entity} successfully added" msgstr "" -#: ipalib/plugins/misc.py:106 -msgid "Show all loaded plugins" +#: ipalib/plugins/internal.py:208 +msgid "Add ${entity}" msgstr "" -#: ipalib/plugins/misc.py:108 -msgid "%(count)d plugin loaded" -msgid_plural "%(count)d plugins loaded" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/internal.py:209 +msgid "Available" +msgstr "" -#: ipalib/plugins/misc.py:126 -msgid "Number of plugins loaded" +#: ipalib/plugins/internal.py:210 +msgid "Some operations failed." msgstr "" -#: ipalib/plugins/netgroup.py:20 -msgid "" -"\n" -"Netgroups\n" -"\n" -"A netgroup is a group used for permission checking. It can contain both\n" -"user and host values.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new netgroup:\n" -" ipa netgroup-add --desc=\"NFS admins\" admins\n" -"\n" -" Add members to the netgroup:\n" -" ipa netgroup-add-member --users=tuser1,tuser2 admins\n" -"\n" -" Remove a member from the netgroup:\n" -" ipa netgroup-remove-member --users=tuser2 admins\n" -"\n" -" Display information about a netgroup:\n" -" ipa netgroup-show admins\n" -"\n" -" Delete a netgroup:\n" -" ipa netgroup-del admins\n" +#: ipalib/plugins/internal.py:211 +msgid "Operations Error" msgstr "" -#: ipalib/plugins/netgroup.py:59 -msgid "Member Host" +#: ipalib/plugins/internal.py:212 +msgid "Confirmation" msgstr "" -#: ipalib/plugins/netgroup.py:67 -msgid "" -"\n" -" Netgroup object.\n" -" " +#: ipalib/plugins/internal.py:213 +msgid "This page has unsaved changes. Please save or revert." msgstr "" -#: ipalib/plugins/netgroup.py:98 -msgid "Netgroups" +#: ipalib/plugins/internal.py:214 +msgid "Unsaved Changes" msgstr "" -#: ipalib/plugins/netgroup.py:103 -msgid "Netgroup name" +#: ipalib/plugins/internal.py:215 +msgid "Hide details" msgstr "" -#: ipalib/plugins/netgroup.py:110 -msgid "Netgroup description" +#: ipalib/plugins/internal.py:216 +msgid "Prospective" msgstr "" -#: ipalib/plugins/netgroup.py:114 -msgid "NIS domain name" +#: ipalib/plugins/internal.py:217 +msgid "Redirection" msgstr "" -#: ipalib/plugins/netgroup.py:119 -msgid "IPA unique ID" +#: ipalib/plugins/internal.py:218 +msgid "Select entries to be removed." msgstr "" -#: ipalib/plugins/netgroup.py:140 -msgid "" -"\n" -" Add a new netgroup.\n" -" " +#: ipalib/plugins/internal.py:219 +msgid "Remove ${entity}" msgstr "" -#: ipalib/plugins/netgroup.py:144 -msgid "Added netgroup \"%(value)s\"" +#: ipalib/plugins/internal.py:220 +msgid "Show details" msgstr "" -#: ipalib/plugins/netgroup.py:153 -msgid "" -"\n" -" Delete a netgroup.\n" -" " +#: ipalib/plugins/internal.py:221 +msgid "Validation error" msgstr "" -#: ipalib/plugins/netgroup.py:156 -msgid "Deleted netgroup \"%(value)s\"" +#: ipalib/plugins/internal.py:222 +msgid "Input form contains invalid or missing values." msgstr "" -#: ipalib/plugins/netgroup.py:162 -msgid "" -"\n" -" Modify a netgroup.\n" -" " +#: ipalib/plugins/internal.py:226 +msgid "HTTP Error" msgstr "" -#: ipalib/plugins/netgroup.py:166 -msgid "Modified netgroup \"%(value)s\"" +#: ipalib/plugins/internal.py:227 +msgid "Internal Error" msgstr "" -#: ipalib/plugins/netgroup.py:180 -msgid "" -"\n" -" Search for a netgroup.\n" -" " +#: ipalib/plugins/internal.py:228 +msgid "IPA Error" msgstr "" -#: ipalib/plugins/netgroup.py:185 -msgid "%(count)d netgroup matched" -msgid_plural "%(count)d netgroups matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/internal.py:229 +msgid "No response" +msgstr "" -#: ipalib/plugins/netgroup.py:213 -msgid "" -"\n" -" Display information about a netgroup.\n" -" " +#: ipalib/plugins/internal.py:230 +msgid "Unknown Error" msgstr "" -#: ipalib/plugins/netgroup.py:222 -msgid "" -"\n" -" Add members to a netgroup.\n" -" " +#: ipalib/plugins/internal.py:231 +msgid "URL" msgstr "" -#: ipalib/plugins/netgroup.py:258 -msgid "" -"\n" -" Remove members from a netgroup.\n" -" " +#: ipalib/plugins/internal.py:234 +msgid "${primary_key} is managed by:" msgstr "" -#: ipalib/plugins/passwd.py:19 -msgid "" -"\n" -"Set a user's password\n" -"\n" -"If someone other than a user changes that user's password (e.g., Helpdesk\n" -"resets it) then the password will need to be changed the first time it\n" -"is used. This is so the end-user is the only one who knows the password.\n" -"\n" -"The IPA password policy controls how often a password may be changed,\n" -"what strength requirements exist, and the length of the password history.\n" -"\n" -"EXAMPLES:\n" -"\n" -" To reset your own password:\n" -" ipa passwd\n" -"\n" -" To change another user's password:\n" -" ipa passwd tuser1\n" +#: ipalib/plugins/internal.py:235 +msgid "${primary_key} members:" msgstr "" -#: ipalib/plugins/passwd.py:46 -msgid "" -"\n" -" Set a user's password\n" -" " +#: ipalib/plugins/internal.py:236 +msgid "${primary_key} is a member of:" msgstr "" -#: ipalib/plugins/passwd.py:64 -msgid "Changed password for \"%(value)s\"" +#: ipalib/plugins/internal.py:239 +msgid "Settings" msgstr "" -#: ipalib/plugins/passwd.py:67 -msgid "" -"\n" -" Execute the passwd operation.\n" -"\n" -" The dn should not be passed as a keyword argument as it is " -"constructed\n" -" by this method.\n" -"\n" -" Returns the entry\n" -"\n" -" :param principal: The login name or principal of the user\n" -" :param password: the new password\n" -" " +#: ipalib/plugins/internal.py:240 +msgid "Search" msgstr "" -#: ipalib/plugins/permission.py:19 -msgid "" -"\n" -"Permissions\n" -"\n" -"A permission enables fine-grained delegation of rights. A permission is\n" -"a human-readable form of a 389-ds Access Control Rule, or instruction " -"(ACI).\n" -"A permission grants the right to perform a specific task such as adding a\n" -"user, modifying a group, etc.\n" -"\n" -"A permission may not contain other permissions.\n" -"\n" -"* A permission grants access to read, write, add or delete.\n" -"* A privilege combines similar permissions (for example all the permissions\n" -" needed to add a user).\n" -"* A role grants a set of privileges to users, groups, hosts or hostgroups.\n" -"\n" -"A permission is made up of a number of different parts:\n" -"\n" -"1. The name of the permission.\n" -"2. The target of the permission.\n" -"3. The rights granted by the permission.\n" -"\n" -"Rights define what operations are allowed, and may be one or more\n" -"of the following:\n" -"1. write - write one or more attributes\n" -"2. read - read one or more attributes\n" -"3. add - add a new entry to the tree\n" -"4. delete - delete an existing entry\n" -"5. all - all permissions are granted\n" -"\n" -"Read permission is granted for most attributes by default so the read\n" -"permission is not expected to be used very often.\n" -"\n" -"Note the distinction between attributes and entries. The permissions are\n" -"independent, so being able to add a user does not mean that the user will\n" -"be editable.\n" -"\n" -"There are a number of allowed targets:\n" -"1. type: a type of object (user, group, etc).\n" -"2. memberof: a member of a group or hostgroup\n" -"3. filter: an LDAP filter\n" -"4. subtree: an LDAP filter specifying part of the LDAP DIT. This is a\n" -" super-set of the \"type\" target.\n" -"5. targetgroup: grant access to modify a specific group (such as granting\n" -" the rights to manage group membership)\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a permission that grants the creation of users:\n" -" ipa permission-add --type=user --permissions=add \"Add Users\"\n" -"\n" -" Add a permission that grants the ability to manage group membership:\n" -" ipa permission-add --attrs=member --permissions=write --type=group " -"\"Manage Group Members\"\n" +#: ipalib/plugins/internal.py:242 +msgid "False" msgstr "" -#: ipalib/plugins/permission.py:84 -msgid "Permission Type" +#: ipalib/plugins/internal.py:244 +msgid "Logged In As" msgstr "" -#: ipalib/plugins/permission.py:89 -msgid "" -"\n" -" Permission object.\n" -" " +#: ipalib/plugins/internal.py:248 +msgid "Attribute" msgstr "" -#: ipalib/plugins/permission.py:112 -msgid "Permission name" +#: ipalib/plugins/internal.py:253 +msgid "Automount Location Settings" msgstr "" -#: ipalib/plugins/permission.py:119 -msgid "" -"Comma-separated list of permissions to grant (read, write, add, delete, all)" +#: ipalib/plugins/internal.py:256 +msgid "Map Type" msgstr "" -#: ipalib/plugins/permission.py:132 -msgid "" -"Type of IPA object (user, group, host, hostgroup, service, netgroup, dns)" +#: ipalib/plugins/internal.py:257 +msgid "Direct" msgstr "" -#: ipalib/plugins/permission.py:138 -msgid "Member of group" +#: ipalib/plugins/internal.py:258 +msgid "Indirect" msgstr "" -#: ipalib/plugins/permission.py:139 -msgid "Target members of a group" +#: ipalib/plugins/internal.py:261 +msgid "AA Compromise" msgstr "" -#: ipalib/plugins/permission.py:151 -msgid "Subtree to apply permissions to" +#: ipalib/plugins/internal.py:262 +msgid "Affiliation Changed" msgstr "" -#: ipalib/plugins/permission.py:157 -msgid "User group to apply permissions to" +#: ipalib/plugins/internal.py:263 +msgid "CA Compromise" msgstr "" -#: ipalib/plugins/permission.py:177 -msgid "" -"\n" -" Add a new permission.\n" -" " +#: ipalib/plugins/internal.py:264 +msgid "Certificate Hold" msgstr "" -#: ipalib/plugins/permission.py:181 -msgid "Added permission \"%(value)s\"" +#: ipalib/plugins/internal.py:265 +msgid "Cessation of Operation" msgstr "" -#: ipalib/plugins/permission.py:236 -msgid "" -"\n" -" Delete a permission.\n" -" " +#: ipalib/plugins/internal.py:266 +msgid "Common Name" msgstr "" -#: ipalib/plugins/permission.py:240 -msgid "Deleted permission \"%(value)s\"" +#: ipalib/plugins/internal.py:267 +msgid "Enter the Base64-encoded CSR below" msgstr "" -#: ipalib/plugins/permission.py:256 -msgid "" -"\n" -" Modify a permission.\n" -" " +#: ipalib/plugins/internal.py:268 +msgid "Expires On" msgstr "" -#: ipalib/plugins/permission.py:260 -msgid "Modified permission \"%(value)s\"" +#: ipalib/plugins/internal.py:269 +msgid "Fingerprints" msgstr "" -#: ipalib/plugins/permission.py:352 -msgid "" -"\n" -" Search for permissions.\n" -" " +#: ipalib/plugins/internal.py:270 +msgid "Issue New Certificate for ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/permission.py:356 -msgid "%(count)d permission matched" -msgid_plural "%(count)d permissions matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/internal.py:271 +msgid "Issued By" +msgstr "" -#: ipalib/plugins/permission.py:405 -msgid "" -"\n" -" Display information about a permission.\n" -" " +#: ipalib/plugins/internal.py:272 +msgid "Issued On" msgstr "" -#: ipalib/plugins/permission.py:428 -msgid "" -"\n" -" Add members to a permission.\n" -" " +#: ipalib/plugins/internal.py:273 +msgid "Issued To" msgstr "" -#: ipalib/plugins/permission.py:437 -msgid "" -"\n" -" Remove members from a permission.\n" -" " +#: ipalib/plugins/internal.py:274 +msgid "Key Compromise" msgstr "" -#: ipalib/plugins/ping.py:19 -msgid "" -"\n" -"Ping the remote IPA server\n" +#: ipalib/plugins/internal.py:275 +msgid "MD5 Fingerprint" msgstr "" -#: ipalib/plugins/ping.py:29 -msgid "" -"\n" -" ping a remote server\n" -" " +#: ipalib/plugins/internal.py:276 +msgid "No Valid Certificate" msgstr "" -#: ipalib/plugins/ping.py:37 -msgid "" -"\n" -" A possible enhancement would be to take an argument and echo it\n" -" back but a fixed value works for now.\n" -" " +#: ipalib/plugins/internal.py:277 +msgid "New Certificate" msgstr "" -#: ipalib/plugins/pkinit.py:19 -msgid "" -"\n" -"Kerberos pkinit options\n" -"\n" -"Enable or disable anonymous pkinit using the principal\n" -"WELLKNOWN/ANONYMOUS@REALM. The server must have been installed with\n" -"pkinit support.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Enable anonymous pkinit:\n" -" ipa pkinit-anonymous enable\n" -"\n" -" Disable anonymous pkinit:\n" -" ipa pkinit-anonymous disable\n" -"\n" -"For more information on anonymous pkinit see:\n" -"\n" -"http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit\n" -msgstr "" - -#: ipalib/plugins/pkinit.py:46 -msgid "" -"\n" -" PKINIT Options\n" -" " +#: ipalib/plugins/internal.py:278 +msgid "Note" msgstr "" -#: ipalib/plugins/pkinit.py:51 -msgid "PKINIT" +#: ipalib/plugins/internal.py:279 +msgid "Organization" msgstr "" -#: ipalib/plugins/pkinit.py:56 -msgid "" -"\n" -" Accepts only Enable/Disable.\n" -" " +#: ipalib/plugins/internal.py:280 +msgid "Organizational Unit" msgstr "" -#: ipalib/plugins/pkinit.py:67 -msgid "" -"\n" -" Enable or Disable Anonymous PKINIT\n" -" " +#: ipalib/plugins/internal.py:281 +msgid "Privilege Withdrawn" msgstr "" -#: ipalib/plugins/privilege.py:19 -msgid "" -"\n" -"Privileges\n" -"\n" -"A privilege combines permissions into a logical task. A permission provides\n" -"the rights to do a single task. There are some IPA operations that require\n" -"multiple permissions to succeed. A privilege is where permissions are\n" -"combined in order to perform a specific task.\n" -"\n" -"For example, adding a user requires the following permissions:\n" -" * Creating a new user entry\n" -" * Resetting a user password\n" -" * Adding the new user to the default IPA users group\n" -"\n" -"Combining these three low-level tasks into a higher level task in the\n" -"form of a privilege named \"Add User\" makes it easier to manage Roles.\n" -"\n" -"A privilege may not contain other privileges.\n" -"\n" -"See role and permission for additional information.\n" +#: ipalib/plugins/internal.py:282 +msgid "Reason for Revocation" msgstr "" -#: ipalib/plugins/privilege.py:45 -msgid "" -"\n" -" Privilege object.\n" -" " +#: ipalib/plugins/internal.py:283 +msgid "Remove from CRL" msgstr "" -#: ipalib/plugins/privilege.py:65 -msgid "Privileges" +#: ipalib/plugins/internal.py:284 +msgid "Restore Certificate for ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/privilege.py:70 -msgid "Privilege name" +#: ipalib/plugins/internal.py:285 +msgid "" +"To confirm your intention to restore this certificate, click the \"Restore\" " +"button." msgstr "" -#: ipalib/plugins/privilege.py:77 -msgid "Privilege description" +#: ipalib/plugins/internal.py:286 +msgid "Revoke Certificate for ${entity} ${primary_key}" msgstr "" -#: ipalib/plugins/privilege.py:85 +#: ipalib/plugins/internal.py:287 msgid "" -"\n" -" Add a new privilege.\n" -" " +"To confirm your intention to revoke this certificate, select a reason from " +"the pull-down list, and click the \"Revoke\" button." msgstr "" -#: ipalib/plugins/privilege.py:89 -msgid "Added privilege \"%(value)s\"" +#: ipalib/plugins/internal.py:288 +msgid "Certificate Revoked" msgstr "" -#: ipalib/plugins/privilege.py:95 -msgid "" -"\n" -" Delete a privilege.\n" -" " +#: ipalib/plugins/internal.py:290 +msgid "SHA1 Fingerprint" msgstr "" -#: ipalib/plugins/privilege.py:99 -msgid "Deleted privilege \"%(value)s\"" +#: ipalib/plugins/internal.py:291 +msgid "Superseded" msgstr "" -#: ipalib/plugins/privilege.py:105 -msgid "" -"\n" -" Modify a privilege.\n" -" " +#: ipalib/plugins/internal.py:292 +msgid "Unspecified" msgstr "" -#: ipalib/plugins/privilege.py:109 -msgid "Modified privilege \"%(value)s\"" +#: ipalib/plugins/internal.py:293 +msgid "Valid Certificate Present" msgstr "" -#: ipalib/plugins/privilege.py:115 -msgid "" -"\n" -" Search for privileges.\n" -" " +#: ipalib/plugins/internal.py:294 +msgid "Validity" msgstr "" -#: ipalib/plugins/privilege.py:119 -msgid "%(count)d privilege matched" -msgid_plural "%(count)d privileges matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/internal.py:295 +msgid "Certificate for ${entity} ${primary_key}" +msgstr "" -#: ipalib/plugins/privilege.py:127 -msgid "" -"\n" -" Display information about a privilege.\n" -" " +#: ipalib/plugins/internal.py:298 +msgid "Group Options" msgstr "" -#: ipalib/plugins/privilege.py:135 -msgid "" -"\n" -" Add members to a privilege\n" -" " +#: ipalib/plugins/internal.py:299 +msgid "Search Options" msgstr "" -#: ipalib/plugins/privilege.py:144 -msgid "" -"\n" -" Remove members from a privilege\n" -" " +#: ipalib/plugins/internal.py:300 +msgid "User Options" msgstr "" -#: ipalib/plugins/privilege.py:153 -msgid "" -"\n" -" Add permissions to a privilege.\n" -" " +#: ipalib/plugins/internal.py:305 +msgid "Data" msgstr "" -#: ipalib/plugins/privilege.py:169 -msgid "Number of permissions added" +#: ipalib/plugins/internal.py:306 +msgid "DNS record was deleted because it contained no data." msgstr "" -#: ipalib/plugins/privilege.py:177 -msgid "" -"\n" -" Remove permissions from a privilege.\n" -" " +#: ipalib/plugins/internal.py:307 +msgid "Other Record Types" msgstr "" -#: ipalib/plugins/privilege.py:195 -msgid "Number of permissions removed" +#: ipalib/plugins/internal.py:308 +msgid "You will be redirected to DNS Zone." msgstr "" -#: ipalib/plugins/pwpolicy.py:20 -msgid "" -"\n" -"Password policy\n" -"\n" -"A password policy sets limitations on IPA passwords, including maximum\n" -"lifetime, minimum lifetime, the number of passwords to save in\n" -"history, the number of character classes required (for stronger passwords)\n" -"and the minimum password length.\n" -"\n" -"By default there is a single, global policy for all users. You can also\n" -"create a password policy to apply to a group. Each user is only subject\n" -"to one password policy, either the group policy or the global policy. A\n" -"group policy stands alone; it is not a super-set of the global policy plus\n" -"custom settings.\n" -"\n" -"Each group password policy requires a unique priority setting. If a user\n" -"is in multiple groups that have password policies, this priority determines\n" -"which password policy is applied. A lower value indicates a higher priority\n" -"policy.\n" -"\n" -"Group password policies are automatically removed when the groups they\n" -"are associated with are removed.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Modify the global policy:\n" -" ipa pwpolicy-mod --minlength=10\n" -"\n" -" Add a new group password policy:\n" -" ipa pwpolicy-add --maxlife=90 --minlife=1 --history=10 --minclasses=3 --" -"minlength=8 --priority=10 localadmins\n" -"\n" -" Display the global password policy:\n" -" ipa pwpolicy-show\n" -"\n" -" Display a group password policy:\n" -" ipa pwpolicy-show localadmins\n" -"\n" -" Display the policy that would be applied to a given user:\n" -" ipa pwpolicy-show --user=tuser1\n" -"\n" -" Modify a group password policy:\n" -" ipa pwpolicy-mod --minclasses=2 localadmins\n" +#: ipalib/plugins/internal.py:309 +msgid "Standard Record Types" msgstr "" -#: ipalib/plugins/pwpolicy.py:72 -msgid "" -"\n" -" Class of Service object used for linking policies with groups\n" -" " +#: ipalib/plugins/internal.py:310 +msgid "Records for DNS Zone" msgstr "" -#: ipalib/plugins/pwpolicy.py:87 -msgid "priority must be a unique value (%(prio)d already used by %(gname)s)" +#: ipalib/plugins/internal.py:311 +msgid "Record Type" msgstr "" -#: ipalib/plugins/pwpolicy.py:172 -msgid "" -"\n" -" Password Policy object\n" -" " +#: ipalib/plugins/internal.py:314 +msgid "DNS Zone Settings" msgstr "" -#: ipalib/plugins/pwpolicy.py:201 -msgid "Max failures" +#: ipalib/plugins/internal.py:317 +msgid "Account" msgstr "" -#: ipalib/plugins/pwpolicy.py:202 -msgid "Consecutive failures before lockout" +#: ipalib/plugins/internal.py:319 +msgid "Certificates" msgstr "" -#: ipalib/plugins/pwpolicy.py:207 -msgid "Failure reset interval" +#: ipalib/plugins/internal.py:320 +msgid "Consume" msgstr "" -#: ipalib/plugins/pwpolicy.py:208 -msgid "Period after which failure count will be reset (seconds)" +#: ipalib/plugins/internal.py:321 +msgid "Consume Entitlement" msgstr "" -#: ipalib/plugins/pwpolicy.py:213 -msgid "Lockout duration" +#: ipalib/plugins/internal.py:323 +msgid "Download" msgstr "" -#: ipalib/plugins/pwpolicy.py:214 -msgid "Period for which lockout is enforced (seconds)" +#: ipalib/plugins/internal.py:324 +msgid "Download Certificate" msgstr "" -#: ipalib/plugins/pwpolicy.py:224 -msgid "Group" +#: ipalib/plugins/internal.py:326 +msgid "Import" msgstr "" -#: ipalib/plugins/pwpolicy.py:225 -msgid "Manage password policy for specific group" +#: ipalib/plugins/internal.py:327 +msgid "Import Certificate" msgstr "" -#: ipalib/plugins/pwpolicy.py:230 -msgid "Max lifetime (days)" +#: ipalib/plugins/internal.py:328 +msgid "Enter the Base64-encoded entitlement certificate below:" msgstr "" -#: ipalib/plugins/pwpolicy.py:231 -msgid "Maximum password lifetime (in days)" +#: ipalib/plugins/internal.py:329 +msgid "Loading..." msgstr "" -#: ipalib/plugins/pwpolicy.py:236 -msgid "Min lifetime (hours)" +#: ipalib/plugins/internal.py:330 +msgid "No Certificate." msgstr "" -#: ipalib/plugins/pwpolicy.py:237 -msgid "Minimum password lifetime (in hours)" +#: ipalib/plugins/internal.py:332 +msgid "Register" msgstr "" -#: ipalib/plugins/pwpolicy.py:242 -msgid "History size" +#: ipalib/plugins/internal.py:333 +msgid "Registration" msgstr "" -#: ipalib/plugins/pwpolicy.py:243 -msgid "Password history size" +#: ipalib/plugins/internal.py:335 ipalib/plugins/internal.py:392 +#: ipalib/plugins/internal.py:431 +msgid "Status" msgstr "" -#: ipalib/plugins/pwpolicy.py:248 -msgid "Character classes" +#: ipalib/plugins/internal.py:338 +msgid "Group Settings" msgstr "" -#: ipalib/plugins/pwpolicy.py:249 -msgid "Minimum number of character classes" +#: ipalib/plugins/internal.py:339 +msgid "Is this a POSIX group?" msgstr "" -#: ipalib/plugins/pwpolicy.py:255 -msgid "Min length" +#: ipalib/plugins/internal.py:342 ipalib/plugins/internal.py:444 +#: ipalib/plugins/internal.py:470 +msgid "Active" msgstr "" -#: ipalib/plugins/pwpolicy.py:256 -msgid "Minimum length of password" +#: ipalib/plugins/internal.py:343 ipalib/plugins/internal.py:448 +msgid "Any Host" msgstr "" -#: ipalib/plugins/pwpolicy.py:261 -msgid "Priority" +#: ipalib/plugins/internal.py:344 +msgid "Any Service" msgstr "" -#: ipalib/plugins/pwpolicy.py:262 -msgid "Priority of the policy (higher number means lower priority" +#: ipalib/plugins/internal.py:345 ipalib/plugins/internal.py:449 +msgid "Anyone" msgstr "" -#: ipalib/plugins/pwpolicy.py:294 -msgid "" -"\n" -" Ensure that the maximum lifetime is greater than the minimum.\n" -" If there is no minimum lifetime set then don't return an error.\n" -" " +#: ipalib/plugins/internal.py:346 +msgid "Accessing" msgstr "" -#: ipalib/plugins/pwpolicy.py:314 -msgid "Maximum password life must be greater than minimum." +#: ipalib/plugins/internal.py:347 ipalib/plugins/internal.py:454 +#: ipalib/plugins/internal.py:475 +msgid "Inactive" msgstr "" -#: ipalib/plugins/pwpolicy.py:333 -msgid "" -"\n" -" Add a new group password policy.\n" -" " +#: ipalib/plugins/internal.py:348 ipalib/plugins/internal.py:455 +msgid "Rule status" msgstr "" -#: ipalib/plugins/pwpolicy.py:361 -msgid "" -"\n" -" Delete a group password policy.\n" -" " +#: ipalib/plugins/internal.py:349 +msgid "Via Service" msgstr "" -#: ipalib/plugins/pwpolicy.py:380 -msgid "" -"\n" -" Modify a group password policy.\n" -" " +#: ipalib/plugins/internal.py:350 +msgid "From" msgstr "" -#: ipalib/plugins/pwpolicy.py:391 -msgid "priority cannot be set on global policy" +#: ipalib/plugins/internal.py:351 ipalib/plugins/internal.py:460 +msgid "Specified Hosts and Groups" msgstr "" -#: ipalib/plugins/pwpolicy.py:423 -msgid "" -"\n" -" Display information about password policy.\n" -" " +#: ipalib/plugins/internal.py:352 +msgid "Specified Services and Groups" msgstr "" -#: ipalib/plugins/pwpolicy.py:428 -msgid "User" +#: ipalib/plugins/internal.py:353 ipalib/plugins/internal.py:461 +msgid "Specified Users and Groups" msgstr "" -#: ipalib/plugins/pwpolicy.py:429 -msgid "Display effective policy for a specific user" +#: ipalib/plugins/internal.py:354 ipalib/plugins/internal.py:462 +msgid "Who" msgstr "" -#: ipalib/plugins/pwpolicy.py:452 +#: ipalib/plugins/internal.py:362 +msgid "Access Denied" +msgstr "" + +#: ipalib/plugins/internal.py:363 +msgid "Access Granted" +msgstr "" + +#: ipalib/plugins/internal.py:364 +msgid "Include Disabled" +msgstr "" + +#: ipalib/plugins/internal.py:365 +msgid "Include Enabled" +msgstr "" + +#: ipalib/plugins/internal.py:366 +msgid "HBAC Test" +msgstr "" + +#: ipalib/plugins/internal.py:367 +msgid "Matched" +msgstr "" + +#: ipalib/plugins/internal.py:368 +msgid "New Test" +msgstr "" + +#: ipalib/plugins/internal.py:369 +msgid "Rules" +msgstr "" + +#: ipalib/plugins/internal.py:370 +msgid "Run Test" +msgstr "" + +#: ipalib/plugins/internal.py:371 +msgid "Specify external ${entity}" +msgstr "" + +#: ipalib/plugins/internal.py:372 +msgid "Unmatched" +msgstr "" + +#: ipalib/plugins/internal.py:375 +msgid "Host Certificate" +msgstr "" + +#: ipalib/plugins/internal.py:376 ipalib/plugins/internal.py:427 +msgid "Host Name" +msgstr "" + +#: ipalib/plugins/internal.py:377 ipalib/plugins/internal.py:425 +msgid "Delete Key, Unprovision" +msgstr "" + +#: ipalib/plugins/internal.py:378 +msgid "Host Settings" +msgstr "" + +#: ipalib/plugins/internal.py:379 +msgid "Enrolled?" +msgstr "" + +#: ipalib/plugins/internal.py:380 +msgid "Enrollment" +msgstr "" + +#: ipalib/plugins/internal.py:381 +msgid "Fully Qualified Host Name" +msgstr "" + +#: ipalib/plugins/internal.py:382 +msgid "Kerberos Key" +msgstr "" + +#: ipalib/plugins/internal.py:383 ipalib/plugins/internal.py:428 +msgid "Kerberos Key Not Present" +msgstr "" + +#: ipalib/plugins/internal.py:384 +msgid "Kerberos Key Present, Host Provisioned" +msgstr "" + +#: ipalib/plugins/internal.py:385 +msgid "One-Time-Password" +msgstr "" + +#: ipalib/plugins/internal.py:386 +msgid "One-Time-Password Not Present" +msgstr "" + +#: ipalib/plugins/internal.py:387 +msgid "One-Time-Password Present" +msgstr "" + +#: ipalib/plugins/internal.py:388 +msgid "Reset OTP" +msgstr "" + +#: ipalib/plugins/internal.py:389 +msgid "Reset One-Time-Password" +msgstr "" + +#: ipalib/plugins/internal.py:390 +msgid "Set OTP" +msgstr "" + +#: ipalib/plugins/internal.py:391 +msgid "Set One-Time-Password" +msgstr "" + +#: ipalib/plugins/internal.py:393 ipalib/plugins/internal.py:432 +msgid "Unprovision" +msgstr "" + +#: ipalib/plugins/internal.py:394 +msgid "Are you sure you want to unprovision this host?" +msgstr "" + +#: ipalib/plugins/internal.py:395 ipalib/plugins/internal.py:434 +msgid "Unprovisioning ${entity}" +msgstr "" + +#: ipalib/plugins/internal.py:398 +msgid "Host Group Settings" +msgstr "" + +#: ipalib/plugins/internal.py:401 +msgid "Kerberos ticket policy" +msgstr "" + +#: ipalib/plugins/internal.py:404 +msgid "Netgroup Settings" +msgstr "" + +#: ipalib/plugins/internal.py:407 ipalib/plugins/internal.py:502 +msgid "Identity" +msgstr "" + +#: ipalib/plugins/internal.py:408 +msgid "Permission with invalid target specification" +msgstr "" + +#: ipalib/plugins/internal.py:410 +msgid "Target" +msgstr "" + +#: ipalib/plugins/internal.py:413 +msgid "Privilege Settings" +msgstr "" + +#: ipalib/plugins/internal.py:416 ipalib/plugins/pwpolicy.py:221 +msgid "Password Policy" +msgstr "" + +#: ipalib/plugins/internal.py:419 +msgid "Role Settings" +msgstr "" + +#: ipalib/plugins/internal.py:424 +msgid "Service Certificate" +msgstr "" + +#: ipalib/plugins/internal.py:426 +msgid "Service Settings" +msgstr "" + +#: ipalib/plugins/internal.py:429 +msgid "Provisioning" +msgstr "" + +#: ipalib/plugins/internal.py:433 +msgid "Are you sure you want to unprovision this service?" +msgstr "" + +#: ipalib/plugins/internal.py:435 +msgid "Kerberos Key Present, Service Provisioned" +msgstr "" + +#: ipalib/plugins/internal.py:438 +msgid "Groups" +msgstr "" + +#: ipalib/plugins/internal.py:441 ipalib/plugins/sudocmdgroup.py:82 +msgid "Commands" +msgstr "" + +#: ipalib/plugins/internal.py:445 +msgid "Allow" +msgstr "" + +#: ipalib/plugins/internal.py:446 +msgid "Any Command" +msgstr "" + +#: ipalib/plugins/internal.py:447 +msgid "Any Group" +msgstr "" + +#: ipalib/plugins/internal.py:450 +msgid "Run Commands" +msgstr "" + +#: ipalib/plugins/internal.py:451 +msgid "Deny" +msgstr "" + +#: ipalib/plugins/internal.py:452 +msgid "External" +msgstr "" + +#: ipalib/plugins/internal.py:453 +msgid "Access this host" +msgstr "" + +#: ipalib/plugins/internal.py:456 +msgid "Options" +msgstr "" + +#: ipalib/plugins/internal.py:457 +msgid "As Whom" +msgstr "" + +#: ipalib/plugins/internal.py:458 +msgid "Specified Commands and Groups" +msgstr "" + +#: ipalib/plugins/internal.py:459 +msgid "Specified Groups" +msgstr "" + +#: ipalib/plugins/internal.py:465 +msgid "Account Settings" +msgstr "" + +#: ipalib/plugins/internal.py:466 +msgid "Account Status" +msgstr "" + +#: ipalib/plugins/internal.py:467 +msgid "Activate" +msgstr "" + +#: ipalib/plugins/internal.py:468 +msgid "" +"Are you sure you want to ${action} the user?
The change will take effect " +"immediately." +msgstr "" + +#: ipalib/plugins/internal.py:469 +msgid "Click to ${action}" +msgstr "" + +#: ipalib/plugins/internal.py:471 +msgid "Contact Settings" +msgstr "" + +#: ipalib/plugins/internal.py:472 +msgid "Deactivate" +msgstr "" + +#: ipalib/plugins/internal.py:473 +msgid "Employee Information" +msgstr "" + +#: ipalib/plugins/internal.py:474 +msgid "Error changing account status" +msgstr "" + +#: ipalib/plugins/internal.py:476 +msgid "Mailing Address" +msgstr "" + +#: ipalib/plugins/internal.py:477 +msgid "Misc. Information" +msgstr "" + +#: ipalib/plugins/internal.py:481 ipalib/plugins/passwd.py:79 +msgid "Current Password" +msgstr "" + +#: ipalib/plugins/internal.py:482 +msgid "Current password is required" +msgstr "" + +#: ipalib/plugins/internal.py:483 ipalib/plugins/passwd.py:76 +msgid "New Password" +msgstr "" + +#: ipalib/plugins/internal.py:484 +msgid "Password change complete" +msgstr "" + +#: ipalib/plugins/internal.py:485 +msgid "Passwords must match" +msgstr "" + +#: ipalib/plugins/internal.py:486 +msgid "Reset Password" +msgstr "" + +#: ipalib/plugins/internal.py:487 +msgid "Verify Password" +msgstr "" + +#: ipalib/plugins/internal.py:490 +msgid "Are you sure you want to delete selected entries?" +msgstr "" + +#: ipalib/plugins/internal.py:491 +msgid "Some entries were not deleted" +msgstr "" + +#: ipalib/plugins/internal.py:492 +msgid "Quick Links" +msgstr "" + +#: ipalib/plugins/internal.py:493 +msgid "Select All" +msgstr "" + +#: ipalib/plugins/internal.py:494 +msgid "" +"Query returned more results than the configured size limit. Displaying the " +"first ${counter} results." +msgstr "" + +#: ipalib/plugins/internal.py:495 +msgid "Unselect All" +msgstr "" + +#: ipalib/plugins/internal.py:498 +msgid "Audit" +msgstr "" + +#: ipalib/plugins/internal.py:499 +msgid "Automount" +msgstr "" + +#: ipalib/plugins/internal.py:500 +msgid "DNS" +msgstr "" + +#: ipalib/plugins/internal.py:501 +msgid "Host Based Access Control" +msgstr "" + +#: ipalib/plugins/internal.py:503 +msgid "IPA Server" +msgstr "" + +#: ipalib/plugins/internal.py:504 +msgid "Policy" +msgstr "" + +#: ipalib/plugins/internal.py:505 +msgid "Role Based Access Control" +msgstr "" + +#: ipalib/plugins/internal.py:506 +msgid "Sudo" +msgstr "" + +#: ipalib/plugins/internal.py:508 +msgid "True" +msgstr "" + +#: ipalib/plugins/internal.py:510 +msgid "Next" +msgstr "" + +#: ipalib/plugins/internal.py:511 +msgid "Page" +msgstr "" + +#: ipalib/plugins/internal.py:512 +msgid "Prev" +msgstr "" + +#: ipalib/plugins/internal.py:513 +msgid "undo" +msgstr "" + +#: ipalib/plugins/internal.py:514 +msgid "undo all" +msgstr "" + +#: ipalib/plugins/internal.py:516 +msgid "Text does not match field pattern" +msgstr "" + +#: ipalib/plugins/internal.py:517 +msgid "Must be an integer" +msgstr "" + +#: ipalib/plugins/internal.py:518 +msgid "Maximum value is ${value}" +msgstr "" + +#: ipalib/plugins/internal.py:519 +msgid "Minimum value is ${value}" +msgstr "" + +#: ipalib/plugins/internal.py:520 +msgid "Required field" +msgstr "" + +#: ipalib/plugins/internal.py:525 +msgid "Dict of I18N messages" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:25 +msgid "" +"\n" +"Kerberos ticket policy\n" +"\n" +"There is a single Kerberos ticket policy. This policy defines the\n" +"maximum ticket lifetime and the maximum renewal age, the period during\n" +"which the ticket is renewable.\n" +"\n" +"You can also create a per-user ticket policy by specifying the user login.\n" +"\n" +"For changes to the global policy to take effect, restarting the KDC service\n" +"is required, which can be achieved using:\n" +"\n" +"service krb5kdc restart\n" +"\n" +"Changes to per-user policies take effect immediately for newly requested\n" +"tickets (e.g. when the user next runs kinit).\n" +"\n" +"EXAMPLES:\n" +"\n" +" Display the current Kerberos ticket policy:\n" +" ipa krbtpolicy-show\n" +"\n" +" Reset the policy to the default:\n" +" ipa krbtpolicy-reset\n" +"\n" +" Modify the policy to 8 hours max life, 1-day max renewal:\n" +" ipa krbtpolicy-mod --maxlife=28800 --maxrenew=86400\n" +"\n" +" Display effective Kerberos ticket policy for user 'admin':\n" +" ipa krbtpolicy-show admin\n" +"\n" +" Reset per-user policy for user 'admin':\n" +" ipa krbtpolicy-reset admin\n" +"\n" +" Modify per-user policy for user 'admin':\n" +" ipa krbtpolicy-mod admin --maxlife=3600\n" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:75 +msgid "kerberos ticket policy settings" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:79 ipalib/plugins/krbtpolicy.py:80 +msgid "Kerberos Ticket Policy" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:86 +msgid "Manage ticket policy for specific user" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:91 +msgid "Max life" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:92 +msgid "Maximum ticket life (seconds)" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:97 +msgid "Max renew" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:98 +msgid "Maximum renewable age (seconds)" +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:112 +msgid "Modify Kerberos ticket policy." +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:125 +msgid "Display the current Kerberos ticket policy." +msgstr "" + +#: ipalib/plugins/krbtpolicy.py:148 +msgid "Reset Kerberos ticket policy to the default values." +msgstr "" + +#: ipalib/plugins/migration.py:34 msgid "" "\n" -" Search for group password policies.\n" -" " +"Migration to IPA\n" +"\n" +"Migrate users and groups from an LDAP server to IPA.\n" +"\n" +"This performs an LDAP query against the remote server searching for\n" +"users and groups in a container. In order to migrate passwords you need\n" +"to bind as a user that can read the userPassword attribute on the remote\n" +"server. This is generally restricted to high-level admins such as\n" +"cn=Directory Manager in 389-ds (this is the default bind user).\n" +"\n" +"The default user container is ou=People.\n" +"\n" +"The default group container is ou=Groups.\n" +"\n" +"Users and groups that already exist on the IPA server are skipped.\n" +"\n" +"Two LDAP schemas define how group members are stored: RFC2307 and\n" +"RFC2307bis. RFC2307bis uses member and uniquemember to specify group\n" +"members, RFC2307 uses memberUid. The default schema is RFC2307bis.\n" +"\n" +"Migrated users do not have Kerberos credentials, they have only their\n" +"LDAP password. To complete the migration process, users need to go\n" +"to http://ipa.example.com/ipa/migration and authenticate using their\n" +"LDAP password in order to generate their Kerberos credentials.\n" +"\n" +"Migration is disabled by default. Use the command ipa config-mod to\n" +"enable it:\n" +"\n" +" ipa config-mod --enable-migration=TRUE\n" +"\n" +"EXAMPLES:\n" +"\n" +" The simplest migration, accepting all defaults:\n" +" ipa migrate-ds ldap://ds.example.com:389\n" +"\n" +" Specify the user and group container. This can be used to migrate user and\n" +" group data from an IPA v1 server:\n" +" ipa migrate-ds --user-container='cn=users,cn=accounts' --group-" +"container='cn=groups,cn=accounts' ldap://ds.example.com:389\n" +"\n" +" Since IPA v2 server already contain predefined groups that may collide " +"with\n" +" groups in migrated (IPA v1) server (for example admins, ipausers), users " +"having\n" +" colliding group as their primary group may happen to belong to an unknown " +"group\n" +" on new IPA v2 server.\n" +" Use --group-overwrite-gid option to overwrite GID of already existing " +"groups\n" +" to prevent this issue:\n" +" ipa migrate-ds --group-overwrite-gid --user-container='cn=users," +"cn=accounts' --group-container='cn=groups,cn=accounts' ldap://ds.example." +"com:389\n" +"\n" msgstr "" -#: ipalib/plugins/role.py:20 +#: ipalib/plugins/migration.py:86 +#, python-format +msgid "" +"Kerberos principal %s already exists. Use 'ipa user-mod' to set it manually." +msgstr "" + +#: ipalib/plugins/migration.py:87 +msgid "" +"Failed to add user to the default group. Use 'ipa group-add-member' to add " +"manually." +msgstr "" + +#: ipalib/plugins/migration.py:88 +msgid "Migration of LDAP search reference is not supported." +msgstr "" + +#: ipalib/plugins/migration.py:89 +msgid "Malformed DN" +msgstr "" + +#: ipalib/plugins/migration.py:255 +msgid "" +". Check GID of the existing group. Use --group-overwrite-gid option to " +"overwrite the GID" +msgstr "" + +#: ipalib/plugins/migration.py:270 +msgid "Invalid LDAP URI." +msgstr "" + +#: ipalib/plugins/migration.py:275 +msgid "Migrate users and groups from DS to IPA." +msgstr "" + +#: ipalib/plugins/migration.py:322 +msgid "LDAP URI" +msgstr "" + +#: ipalib/plugins/migration.py:323 +msgid "LDAP URI of DS server to migrate from" +msgstr "" + +#: ipalib/plugins/migration.py:329 +msgid "bind password" +msgstr "" + +#: ipalib/plugins/migration.py:336 +msgid "Bind DN" +msgstr "" + +#: ipalib/plugins/migration.py:342 +msgid "User container" +msgstr "" + +#: ipalib/plugins/migration.py:343 +msgid "RDN of container for users in DS" +msgstr "" + +#: ipalib/plugins/migration.py:349 +msgid "Group container" +msgstr "" + +#: ipalib/plugins/migration.py:350 +msgid "RDN of container for groups in DS" +msgstr "" + +#: ipalib/plugins/migration.py:356 +msgid "User object class" +msgstr "" + +#: ipalib/plugins/migration.py:357 +msgid "" +"Comma-separated list of objectclasses used to search for user entries in DS" +msgstr "" + +#: ipalib/plugins/migration.py:364 +msgid "Group object class" +msgstr "" + +#: ipalib/plugins/migration.py:365 +msgid "" +"Comma-separated list of objectclasses used to search for group entries in DS" +msgstr "" + +#: ipalib/plugins/migration.py:372 +msgid "Ignore user object class" +msgstr "" + +#: ipalib/plugins/migration.py:373 +msgid "" +"Comma-separated list of objectclasses to be ignored for user entries in DS" +msgstr "" + +#: ipalib/plugins/migration.py:380 +msgid "Ignore user attribute" +msgstr "" + +#: ipalib/plugins/migration.py:381 +msgid "Comma-separated list of attributes to be ignored for user entries in DS" +msgstr "" + +#: ipalib/plugins/migration.py:388 +msgid "Ignore group object class" +msgstr "" + +#: ipalib/plugins/migration.py:389 +msgid "" +"Comma-separated list of objectclasses to be ignored for group entries in DS" +msgstr "" + +#: ipalib/plugins/migration.py:396 +msgid "Ignore group attribute" +msgstr "" + +#: ipalib/plugins/migration.py:397 +msgid "" +"Comma-separated list of attributes to be ignored for group entries in DS" +msgstr "" + +#: ipalib/plugins/migration.py:404 +msgid "Overwrite GID" +msgstr "" + +#: ipalib/plugins/migration.py:405 +msgid "" +"When migrating a group already existing in IPA domain overwrite the group " +"GID and report as success" +msgstr "" + +#: ipalib/plugins/migration.py:410 +msgid "LDAP schema" +msgstr "" + +#: ipalib/plugins/migration.py:411 +msgid "" +"The schema used on the LDAP server. Supported values are RFC2307 and " +"RFC2307bis. The default is RFC2307bis" +msgstr "" + +#: ipalib/plugins/migration.py:417 +msgid "Continue" +msgstr "" + +#: ipalib/plugins/migration.py:418 +msgid "" +"Continuous operation mode. Errors are reported but the process continues" +msgstr "" + +#: ipalib/plugins/migration.py:426 +msgid "Lists of objects migrated; categorized by type." +msgstr "" + +#: ipalib/plugins/migration.py:430 +msgid "Lists of objects that could not be migrated; categorized by type." +msgstr "" + +#: ipalib/plugins/migration.py:434 +msgid "False if migration mode was disabled." +msgstr "" + +#: ipalib/plugins/migration.py:438 +#, python-format +msgid "comma-separated list of %s to exclude from migration" +msgstr "" + +#: ipalib/plugins/migration.py:440 +msgid "" +"search results for objects to be migrated\n" +"have been truncated by the server;\n" +"migration process might be incomplete\n" +msgstr "" + +#: ipalib/plugins/migration.py:445 +msgid "Migration mode is disabled. Use 'ipa config-mod' to enable it." +msgstr "" + +#: ipalib/plugins/migration.py:448 +msgid "" +"Passwords have been migrated in pre-hashed format.\n" +"IPA is unable to generate Kerberos keys unless provided\n" +"with clear text passwords. All migrated users need to\n" +"login at https://your.domain/ipa/migration/ before they\n" +"can use their Kerberos accounts." +msgstr "" + +#: ipalib/plugins/migration.py:523 +#, python-format +msgid "Container for %(container)s not found" +msgstr "" + +#: ipalib/plugins/misc.py:25 msgid "" "\n" -"Roles\n" -"\n" -"A role is used for fine-grained delegation. A permission grants the ability\n" -"to perform given low-level tasks (add a user, modify a group, etc.). A\n" -"privilege combines one or more permissions into a higher-level abstraction\n" -"such as useradmin. A useradmin would be able to add, delete and modify " -"users.\n" -"\n" -"Privileges are assigned to Roles.\n" +"Misc plug-ins\n" +msgstr "" + +#: ipalib/plugins/misc.py:36 +msgid "Show environment variables." +msgstr "" + +#: ipalib/plugins/misc.py:38 +#, python-format +msgid "%(count)d variables" +msgstr "" + +#: ipalib/plugins/misc.py:47 ipalib/plugins/misc.py:115 +msgid "" +"retrieve and print all attributes from the server. Affects command output." +msgstr "" + +#: ipalib/plugins/misc.py:61 +msgid "Total number of variables env (>= count)" +msgstr "" + +#: ipalib/plugins/misc.py:66 +msgid "Number of variables returned (<= total)" +msgstr "" + +#: ipalib/plugins/misc.py:106 +msgid "Show all loaded plugins." +msgstr "" + +#: ipalib/plugins/misc.py:109 +#, python-format +msgid "%(count)d plugin loaded" +msgid_plural "%(count)d plugins loaded" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/misc.py:126 +msgid "Number of plugins loaded" +msgstr "" + +#: ipalib/plugins/netgroup.py:28 +msgid "" "\n" -"Users, groups, hosts and hostgroups may be members of a Role.\n" +"Netgroups\n" "\n" -"Roles can not contain other roles.\n" +"A netgroup is a group used for permission checking. It can contain both\n" +"user and host values.\n" "\n" "EXAMPLES:\n" "\n" -" Add a new role:\n" -" ipa role-add --desc=\"Junior-level admin\" junioradmin\n" +" Add a new netgroup:\n" +" ipa netgroup-add --desc=\"NFS admins\" admins\n" "\n" -" Add some privileges to this role:\n" -" ipa role-add-privilege --privileges=addusers junioradmin\n" -" ipa role-add-privilege --privileges=change_password junioradmin\n" -" ipa role-add-privilege --privileges=add_user_to_default_group juioradmin\n" +" Add members to the netgroup:\n" +" ipa netgroup-add-member --users=tuser1,tuser2 admins\n" "\n" -" Add a group of users to this role:\n" -" ipa group-add --desc=\"User admins\" useradmins\n" -" ipa role-add-member --groups=useradmins junioradmin\n" +" Remove a member from the netgroup:\n" +" ipa netgroup-remove-member --users=tuser2 admins\n" "\n" -" Display information about a role:\n" -" ipa role-show junioradmin\n" +" Display information about a netgroup:\n" +" ipa netgroup-show admins\n" "\n" -" The result of this is that any users in the group 'useradmins' can\n" -" add users, reset passwords or add a user to the default IPA user group.\n" +" Delete a netgroup:\n" +" ipa netgroup-del admins\n" msgstr "" -#: ipalib/plugins/role.py:62 -msgid "" -"\n" -" Role object.\n" -" " +#: ipalib/plugins/netgroup.py:60 +msgid "Member Host" msgstr "" -#: ipalib/plugins/role.py:81 -msgid "Role" +#: ipalib/plugins/netgroup.py:72 +msgid "netgroup" msgstr "" -#: ipalib/plugins/role.py:86 -msgid "Role name" +#: ipalib/plugins/netgroup.py:73 +msgid "netgroups" msgstr "" -#: ipalib/plugins/role.py:93 -msgid "A description of this role-group" +#: ipalib/plugins/netgroup.py:99 +msgid "Netgroups" msgstr "" -#: ipalib/plugins/role.py:101 -msgid "" -"\n" -" Add a new role.\n" -" " +#: ipalib/plugins/netgroup.py:100 +msgid "Netgroup" msgstr "" -#: ipalib/plugins/role.py:105 -msgid "Added role \"%(value)s\"" +#: ipalib/plugins/netgroup.py:105 +msgid "Netgroup name" msgstr "" -#: ipalib/plugins/role.py:111 +#: ipalib/plugins/netgroup.py:112 +msgid "Netgroup description" +msgstr "" + +#: ipalib/plugins/netgroup.py:116 +msgid "NIS domain name" +msgstr "" + +#: ipalib/plugins/netgroup.py:121 +msgid "IPA unique ID" +msgstr "" + +#: ipalib/plugins/netgroup.py:142 +msgid "Add a new netgroup." +msgstr "" + +#: ipalib/plugins/netgroup.py:145 +#, python-format +msgid "Added netgroup \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/netgroup.py:162 +#, python-format msgid "" -"\n" -" Delete a role.\n" -" " +"hostgroup with name \"%s\" already exists. Hostgroups and netgroups share a " +"common namespace" +msgstr "" + +#: ipalib/plugins/netgroup.py:174 +msgid "Delete a netgroup." msgstr "" -#: ipalib/plugins/role.py:115 -msgid "Deleted role \"%(value)s\"" +#: ipalib/plugins/netgroup.py:176 +#, python-format +msgid "Deleted netgroup \"%(value)s\"" msgstr "" -#: ipalib/plugins/role.py:121 -msgid "" -"\n" -" Modify a role.\n" -" " +#: ipalib/plugins/netgroup.py:182 +msgid "Modify a netgroup." msgstr "" -#: ipalib/plugins/role.py:125 -msgid "Modified role \"%(value)s\"" +#: ipalib/plugins/netgroup.py:185 +#, python-format +msgid "Modified netgroup \"%(value)s\"" msgstr "" -#: ipalib/plugins/role.py:131 -msgid "" -"\n" -" Search for roles.\n" -" " +#: ipalib/plugins/netgroup.py:199 +msgid "Search for a netgroup." msgstr "" -#: ipalib/plugins/role.py:135 -msgid "%(count)d role matched" -msgid_plural "%(count)d roles matched" +#: ipalib/plugins/netgroup.py:204 +#, python-format +msgid "%(count)d netgroup matched" +msgid_plural "%(count)d netgroups matched" msgstr[0] "" msgstr[1] "" -#: ipalib/plugins/role.py:143 -msgid "" -"\n" -" Display information about a role.\n" -" " -msgstr "" - -#: ipalib/plugins/role.py:151 -msgid "" -"\n" -" Add members to a role.\n" -" " +#: ipalib/plugins/netgroup.py:214 +msgid "search for managed groups" msgstr "" -#: ipalib/plugins/role.py:159 -msgid "" -"\n" -" Remove members from a role.\n" -" " +#: ipalib/plugins/netgroup.py:236 +msgid "Display information about a netgroup." msgstr "" -#: ipalib/plugins/role.py:167 -msgid "" -"\n" -" Add privileges to a role.\n" -" " +#: ipalib/plugins/netgroup.py:244 +msgid "Add members to a netgroup." msgstr "" -#: ipalib/plugins/role.py:183 -msgid "Number of privileges added" +#: ipalib/plugins/netgroup.py:279 +msgid "Remove members from a netgroup." msgstr "" -#: ipalib/plugins/role.py:191 +#: ipalib/plugins/passwd.py:28 msgid "" "\n" -" Remove privileges from a role.\n" -" " +"Set a user's password\n" +"\n" +"If someone other than a user changes that user's password (e.g., Helpdesk\n" +"resets it) then the password will need to be changed the first time it\n" +"is used. This is so the end-user is the only one who knows the password.\n" +"\n" +"The IPA password policy controls how often a password may be changed,\n" +"what strength requirements exist, and the length of the password history.\n" +"\n" +"EXAMPLES:\n" +"\n" +" To reset your own password:\n" +" ipa passwd\n" +"\n" +" To change another user's password:\n" +" ipa passwd tuser1\n" msgstr "" -#: ipalib/plugins/role.py:207 -msgid "Number of privileges removed" +#: ipalib/plugins/passwd.py:64 +msgid "Set a user's password." msgstr "" -#: ipalib/plugins/selfservice.py:19 +#: ipalib/plugins/passwd.py:88 +#, python-format +msgid "Changed password for \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/permission.py:27 msgid "" "\n" -"Self-service Permissions\n" +"Permissions\n" "\n" -"A permission enables fine-grained delegation of permissions. Access Control\n" -"Rules, or instructions (ACIs), grant permission to permissions to perform\n" -"given tasks such as adding a user, modifying a group, etc.\n" +"A permission enables fine-grained delegation of rights. A permission is\n" +"a human-readable form of a 389-ds Access Control Rule, or instruction " +"(ACI).\n" +"A permission grants the right to perform a specific task such as adding a\n" +"user, modifying a group, etc.\n" "\n" -"A Self-service permission defines what an object can change in its own " -"entry.\n" +"A permission may not contain other permissions.\n" "\n" +"* A permission grants access to read, write, add or delete.\n" +"* A privilege combines similar permissions (for example all the permissions\n" +" needed to add a user).\n" +"* A role grants a set of privileges to users, groups, hosts or hostgroups.\n" "\n" -"EXAMPLES:\n" +"A permission is made up of a number of different parts:\n" "\n" -" Add a self-service rule to allow users to manage their address:\n" -" ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st " -"\"Users manage their own address\"\n" +"1. The name of the permission.\n" +"2. The target of the permission.\n" +"3. The rights granted by the permission.\n" "\n" -" When managing the list of attributes you need to include all attributes\n" -" in the list, including existing ones. Add telephoneNumber to the list:\n" -" ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber " -"\"Users manage their own address\"\n" +"Rights define what operations are allowed, and may be one or more\n" +"of the following:\n" +"1. write - write one or more attributes\n" +"2. read - read one or more attributes\n" +"3. add - add a new entry to the tree\n" +"4. delete - delete an existing entry\n" +"5. all - all permissions are granted\n" "\n" -" Display our updated rule:\n" -" ipa selfservice-show \"Users manage their own address\"\n" +"Read permission is granted for most attributes by default so the read\n" +"permission is not expected to be used very often.\n" "\n" -" Delete a rule:\n" -" ipa selfservice-del \"Users manage their own address\"\n" -msgstr "" - -#: ipalib/plugins/selfservice.py:56 -msgid "" +"Note the distinction between attributes and entries. The permissions are\n" +"independent, so being able to add a user does not mean that the user will\n" +"be editable.\n" +"\n" +"There are a number of allowed targets:\n" +"1. type: a type of object (user, group, etc).\n" +"2. memberof: a member of a group or hostgroup\n" +"3. filter: an LDAP filter\n" +"4. subtree: an LDAP filter specifying part of the LDAP DIT. This is a\n" +" super-set of the \"type\" target.\n" +"5. targetgroup: grant access to modify a specific group (such as granting\n" +" the rights to manage group membership)\n" "\n" -" Determine if the ACI is a Self-service ACI and raise an exception if it\n" -" isn't.\n" +"EXAMPLES:\n" "\n" -" Return the result if it is a self-service ACI.\n" -" " +" Add a permission that grants the creation of users:\n" +" ipa permission-add --type=user --permissions=add \"Add Users\"\n" +"\n" +" Add a permission that grants the ability to manage group membership:\n" +" ipa permission-add --attrs=member --permissions=write --type=group " +"\"Manage Group Members\"\n" msgstr "" -#: ipalib/plugins/selfservice.py:64 -msgid "Self-service permission '%(permission)s' not found" +#: ipalib/plugins/permission.py:85 +msgid "Permission Type" msgstr "" -#: ipalib/plugins/selfservice.py:68 -msgid "" -"\n" -" Selfservice object.\n" -" " +#: ipalib/plugins/permission.py:94 +msgid "permission" msgstr "" -#: ipalib/plugins/selfservice.py:75 -msgid "Self Service Permissions" +#: ipalib/plugins/permission.py:95 +msgid "permissions" msgstr "" -#: ipalib/plugins/selfservice.py:80 ipalib/plugins/selfservice.py:81 -msgid "Self-service name" +#: ipalib/plugins/permission.py:114 +msgid "Permission name" msgstr "" -#: ipalib/plugins/selfservice.py:114 +#: ipalib/plugins/permission.py:120 msgid "" -"\n" -" Add a new self-service permission.\n" -" " +"Comma-separated list of permissions to grant (read, write, add, delete, all)" msgstr "" -#: ipalib/plugins/selfservice.py:118 -msgid "Added selfservice \"%(value)s\"" +#: ipalib/plugins/permission.py:135 +msgid "" +"Type of IPA object (user, group, host, hostgroup, service, netgroup, dns)" msgstr "" -#: ipalib/plugins/selfservice.py:137 -msgid "" -"\n" -" Delete a self-service permission.\n" -" " +#: ipalib/plugins/permission.py:141 +msgid "Member of group" msgstr "" -#: ipalib/plugins/selfservice.py:142 -msgid "Deleted selfservice \"%(value)s\"" +#: ipalib/plugins/permission.py:142 +msgid "Target members of a group" msgstr "" -#: ipalib/plugins/selfservice.py:158 -msgid "" -"\n" -" Modify a self-service permission.\n" -" " +#: ipalib/plugins/permission.py:154 +msgid "Subtree to apply permissions to" msgstr "" -#: ipalib/plugins/selfservice.py:162 -msgid "Modified selfservice \"%(value)s\"" +#: ipalib/plugins/permission.py:160 +msgid "User group to apply permissions to" msgstr "" -#: ipalib/plugins/selfservice.py:181 -msgid "" -"\n" -" Search for a self-service permission.\n" -" " +#: ipalib/plugins/permission.py:180 +msgid "Add a new permission." msgstr "" -#: ipalib/plugins/selfservice.py:185 -msgid "%(count)d selfservice matched" -msgid_plural "%(count)d selfservices matched" +#: ipalib/plugins/permission.py:182 +#, python-format +msgid "Added permission \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/permission.py:237 +msgid "Delete a permission." +msgstr "" + +#: ipalib/plugins/permission.py:239 +#, python-format +msgid "Deleted permission \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/permission.py:255 +msgid "Modify a permission." +msgstr "" + +#: ipalib/plugins/permission.py:257 +#, python-format +msgid "Modified permission \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/permission.py:349 +msgid "Search for permissions." +msgstr "" + +#: ipalib/plugins/permission.py:352 +#, python-format +msgid "%(count)d permission matched" +msgid_plural "%(count)d permissions matched" msgstr[0] "" msgstr[1] "" -#: ipalib/plugins/selfservice.py:207 +#: ipalib/plugins/permission.py:402 +msgid "Display information about a permission." +msgstr "" + +#: ipalib/plugins/ping.py:26 msgid "" "\n" -" Display information about a self-service permission.\n" -" " +"Ping the remote IPA server\n" +msgstr "" + +#: ipalib/plugins/ping.py:31 +msgid "Ping a remote server." msgstr "" -#: ipalib/plugins/service.py:21 +#: ipalib/plugins/pkinit.py:25 msgid "" "\n" -"Services\n" -"\n" -"A IPA service represents a service that runs on a host. The IPA service\n" -"record can store a Kerberos principal, an SSL certificate, or both.\n" -"\n" -"An IPA service can be managed directly from a machine, provided that\n" -"machine has been given the correct permission. This is true even for\n" -"machines other than the one the service is associated with. For example,\n" -"requesting an SSL certificate using the host service principal credentials\n" -"of the host. To manage a service using host credentials you need to\n" -"kinit as the host:\n" -"\n" -" # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n" -"\n" -"Adding an IPA service allows the associated service to request an SSL\n" -"certificate or keytab, but this is performed as a separate step; they\n" -"are not produced as a result of adding the service.\n" +"Kerberos pkinit options\n" "\n" -"Only the public aspect of a certificate is stored in a service record;\n" -"the private key is not stored.\n" +"Enable or disable anonymous pkinit using the principal\n" +"WELLKNOWN/ANONYMOUS@REALM. The server must have been installed with\n" +"pkinit support.\n" "\n" "EXAMPLES:\n" "\n" -" Add a new IPA service:\n" -" ipa service-add HTTP/web.example.com\n" +" Enable anonymous pkinit:\n" +" ipa pkinit-anonymous enable\n" "\n" -" Allow a host to manage an IPA service certificate:\n" -" ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n" -" ipa role-add-member --hosts=web.example.com certadmin\n" +" Disable anonymous pkinit:\n" +" ipa pkinit-anonymous disable\n" "\n" -" Delete an IPA service:\n" -" ipa service-del HTTP/web.example.com\n" +"For more information on anonymous pkinit see:\n" "\n" -" Find all IPA services associated with a host:\n" -" ipa service-find web.example.com\n" +"http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit\n" +msgstr "" + +#: ipalib/plugins/pkinit.py:49 +msgid "pkinit" +msgstr "" + +#: ipalib/plugins/pkinit.py:51 +msgid "PKINIT" +msgstr "" + +#: ipalib/plugins/pkinit.py:67 +msgid "Enable or Disable Anonymous PKINIT." +msgstr "" + +#: ipalib/plugins/privilege.py:23 +msgid "" "\n" -" Find all HTTP services:\n" -" ipa service-find HTTP\n" +"Privileges\n" "\n" -" Disable the service Kerberos key and SSL certificate:\n" -" ipa service-disable HTTP/web.example.com\n" +"A privilege combines permissions into a logical task. A permission provides\n" +"the rights to do a single task. There are some IPA operations that require\n" +"multiple permissions to succeed. A privilege is where permissions are\n" +"combined in order to perform a specific task.\n" "\n" -" Request a certificate for an IPA service:\n" -" ipa cert-request --principal=HTTP/web.example.com example.csr\n" +"For example, adding a user requires the following permissions:\n" +" * Creating a new user entry\n" +" * Resetting a user password\n" +" * Adding the new user to the default IPA users group\n" +"\n" +"Combining these three low-level tasks into a higher level task in the\n" +"form of a privilege named \"Add User\" makes it easier to manage Roles.\n" "\n" -" Generate and retrieve a keytab for an IPA service:\n" -" ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/" -"httpd.keytab\n" +"A privilege may not contain other privileges.\n" "\n" +"See role and permission for additional information.\n" msgstr "" -#: ipalib/plugins/service.py:162 -msgid "" -"\n" -" For now just verify that it is properly base64-encoded.\n" -" " +#: ipalib/plugins/privilege.py:49 +msgid "privilege" msgstr "" -#: ipalib/plugins/service.py:175 -msgid "" -"\n" -" Set individual attributes from some values from a certificate.\n" -"\n" -" entry_attrs is a dict of an entry\n" -"\n" -" returns nothing\n" -" " +#: ipalib/plugins/privilege.py:50 +msgid "privileges" msgstr "" -#: ipalib/plugins/service.py:199 -msgid "" -"\n" -" Service object.\n" -" " +#: ipalib/plugins/privilege.py:65 +msgid "Privileges" msgstr "" -#: ipalib/plugins/service.py:226 -msgid "Service principal" +#: ipalib/plugins/privilege.py:66 +msgid "Privilege" msgstr "" -#: ipalib/plugins/service.py:242 -msgid "" -"\n" -" Add a new IPA new service.\n" -" " +#: ipalib/plugins/privilege.py:71 +msgid "Privilege name" msgstr "" -#: ipalib/plugins/service.py:245 -msgid "Added service \"%(value)s\"" +#: ipalib/plugins/privilege.py:77 +msgid "Privilege description" msgstr "" -#: ipalib/plugins/service.py:251 -msgid "force principal name even if not in DNS" +#: ipalib/plugins/privilege.py:85 +msgid "Add a new privilege." msgstr "" -#: ipalib/plugins/service.py:284 -msgid "" -"\n" -" Delete an IPA service.\n" -" " +#: ipalib/plugins/privilege.py:87 +#, python-format +msgid "Added privilege \"%(value)s\"" msgstr "" -#: ipalib/plugins/service.py:287 -msgid "Deleted service \"%(value)s\"" +#: ipalib/plugins/privilege.py:93 +msgid "Delete a privilege." msgstr "" -#: ipalib/plugins/service.py:321 -msgid "" -"\n" -" Modify an existing IPA service.\n" -" " +#: ipalib/plugins/privilege.py:95 +#, python-format +msgid "Deleted privilege \"%(value)s\"" msgstr "" -#: ipalib/plugins/service.py:324 -msgid "Modified service \"%(value)s\"" +#: ipalib/plugins/privilege.py:101 +msgid "Modify a privilege." msgstr "" -#: ipalib/plugins/service.py:356 -msgid "" -"\n" -" Search for IPA services.\n" -" " +#: ipalib/plugins/privilege.py:103 +#, python-format +msgid "Modified privilege \"%(value)s\"" msgstr "" -#: ipalib/plugins/service.py:359 -msgid "%(count)d service matched" -msgid_plural "%(count)d services matched" +#: ipalib/plugins/privilege.py:109 +msgid "Search for privileges." +msgstr "" + +#: ipalib/plugins/privilege.py:112 +#, python-format +msgid "%(count)d privilege matched" +msgid_plural "%(count)d privileges matched" msgstr[0] "" msgstr[1] "" -#: ipalib/plugins/service.py:394 -msgid "" -"\n" -" Display information about an IPA service.\n" -" " +#: ipalib/plugins/privilege.py:119 +msgid "Display information about a privilege." msgstr "" -#: ipalib/plugins/service.py:432 -msgid "" -"\n" -" Add hosts that can manage this service.\n" -" " +#: ipalib/plugins/privilege.py:125 +msgid "Add members to a privilege." msgstr "" -#: ipalib/plugins/service.py:442 -msgid "" -"\n" -" Remove hosts that can manage this service.\n" -" " +#: ipalib/plugins/privilege.py:142 +msgid "Add permissions to a privilege." msgstr "" -#: ipalib/plugins/service.py:452 -msgid "" -"\n" -" Disable the Kerberos key and SSL certificate of a service.\n" -" " +#: ipalib/plugins/privilege.py:157 +msgid "Number of permissions added" msgstr "" -#: ipalib/plugins/service.py:456 -msgid "Disabled service \"%(value)s\"" +#: ipalib/plugins/privilege.py:165 +msgid "Remove permissions from a privilege." +msgstr "" + +#: ipalib/plugins/privilege.py:182 +msgid "Number of permissions removed" msgstr "" -#: ipalib/plugins/sudocmd.py:19 +#: ipalib/plugins/pwpolicy.py:29 msgid "" "\n" -"Sudo Commands\n" +"Password policy\n" "\n" -"Commands used as building blocks for sudo\n" +"A password policy sets limitations on IPA passwords, including maximum\n" +"lifetime, minimum lifetime, the number of passwords to save in\n" +"history, the number of character classes required (for stronger passwords)\n" +"and the minimum password length.\n" +"\n" +"By default there is a single, global policy for all users. You can also\n" +"create a password policy to apply to a group. Each user is only subject\n" +"to one password policy, either the group policy or the global policy. A\n" +"group policy stands alone; it is not a super-set of the global policy plus\n" +"custom settings.\n" +"\n" +"Each group password policy requires a unique priority setting. If a user\n" +"is in multiple groups that have password policies, this priority determines\n" +"which password policy is applied. A lower value indicates a higher priority\n" +"policy.\n" +"\n" +"Group password policies are automatically removed when the groups they\n" +"are associated with are removed.\n" "\n" "EXAMPLES:\n" "\n" -" Create a new command\n" -" ipa sudocmd-add --desc='For reading log files' /usr/bin/less\n" +" Modify the global policy:\n" +" ipa pwpolicy-mod --minlength=10\n" "\n" -" Remove a command\n" -" ipa sudocmd-del /usr/bin/less\n" +" Add a new group password policy:\n" +" ipa pwpolicy-add --maxlife=90 --minlife=1 --history=10 --minclasses=3 --" +"minlength=8 --priority=10 localadmins\n" +"\n" +" Display the global password policy:\n" +" ipa pwpolicy-show\n" +"\n" +" Display a group password policy:\n" +" ipa pwpolicy-show localadmins\n" +"\n" +" Display the policy that would be applied to a given user:\n" +" ipa pwpolicy-show --user=tuser1\n" "\n" +" Modify a group password policy:\n" +" ipa pwpolicy-mod --minclasses=2 localadmins\n" msgstr "" -#: ipalib/plugins/sudocmd.py:46 -msgid "" -"\n" -" Sudo Command object.\n" -" " +#: ipalib/plugins/pwpolicy.py:89 +#, python-format +msgid "priority must be a unique value (%(prio)d already used by %(gname)s)" msgstr "" -#: ipalib/plugins/sudocmd.py:64 -msgid "Sudo Commands" +#: ipalib/plugins/pwpolicy.py:177 +msgid "password policy" msgstr "" -#: ipalib/plugins/sudocmd.py:69 -msgid "Sudo Command" +#: ipalib/plugins/pwpolicy.py:178 +msgid "password policies" msgstr "" -#: ipalib/plugins/sudocmd.py:75 -msgid "A description of this command" +#: ipalib/plugins/pwpolicy.py:202 +msgid "Max failures" msgstr "" -#: ipalib/plugins/sudocmd.py:98 -msgid "" -"\n" -" Create new sudo command.\n" -" " +#: ipalib/plugins/pwpolicy.py:203 +msgid "Consecutive failures before lockout" msgstr "" -#: ipalib/plugins/sudocmd.py:102 -msgid "Added sudo command \"%(value)s\"" +#: ipalib/plugins/pwpolicy.py:208 +msgid "Failure reset interval" msgstr "" -#: ipalib/plugins/sudocmd.py:107 -msgid "" -"\n" -" Delete sudo command.\n" -" " +#: ipalib/plugins/pwpolicy.py:209 +msgid "Period after which failure count will be reset (seconds)" msgstr "" -#: ipalib/plugins/sudocmd.py:111 -msgid "Deleted sudo command \"%(value)s\"" +#: ipalib/plugins/pwpolicy.py:214 +msgid "Lockout duration" msgstr "" -#: ipalib/plugins/sudocmd.py:116 -msgid "" -"\n" -" Modify command.\n" -" " +#: ipalib/plugins/pwpolicy.py:215 +msgid "Period for which lockout is enforced (seconds)" msgstr "" -#: ipalib/plugins/sudocmd.py:120 -msgid "Modified sudo command \"%(value)s\"" +#: ipalib/plugins/pwpolicy.py:220 +msgid "Password Policies" msgstr "" -#: ipalib/plugins/sudocmd.py:125 -msgid "" -"\n" -" Search for commands.\n" -" " +#: ipalib/plugins/pwpolicy.py:226 +msgid "Group" msgstr "" -#: ipalib/plugins/sudocmd.py:129 -msgid "%(count)d sudo command matched" -msgid_plural "%(count)d sudo command matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/pwpolicy.py:227 +msgid "Manage password policy for specific group" +msgstr "" -#: ipalib/plugins/sudocmd.py:136 -msgid "" -"\n" -" Display sudo command.\n" -" " +#: ipalib/plugins/pwpolicy.py:232 +msgid "Max lifetime (days)" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:19 -msgid "" -"\n" -"Groups of Sudo commands\n" -"\n" -"Manage groups of Sudo commands.\n" -"\n" -"EXAMPLES:\n" -"\n" -" Add a new Sudo command group:\n" -" ipa sudocmdgroup-add --desc='administrators commands' admincmds\n" -"\n" -" Remove a Sudo command group:\n" -" ipa sudocmdgroup-del admincmds\n" -"\n" -" Manage Sudo command group membership, commands:\n" -" ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim " -"admincmds\n" -"\n" -" Manage Sudo command group membership, commands:\n" -" ipa group-remove-member --sudocmds=/usr/bin/less admincmds\n" -"\n" -" Show a Sudo command group:\n" -" ipa group-show localadmins\n" +#: ipalib/plugins/pwpolicy.py:233 +msgid "Maximum password lifetime (in days)" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:50 -msgid "" -"\n" -" Sudo Group object.\n" -" " +#: ipalib/plugins/pwpolicy.py:238 +msgid "Min lifetime (hours)" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:70 -msgid "Sudo Command Group" +#: ipalib/plugins/pwpolicy.py:239 +msgid "Minimum password lifetime (in hours)" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:93 -msgid "" -"\n" -" Create new sudo command group.\n" -" " +#: ipalib/plugins/pwpolicy.py:244 +msgid "History size" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:97 -msgid "Added sudo command group \"%(value)s\"" +#: ipalib/plugins/pwpolicy.py:245 +msgid "Password history size" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:103 -msgid "" -"\n" -" Delete sudo command group.\n" -" " +#: ipalib/plugins/pwpolicy.py:250 +msgid "Character classes" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:107 -msgid "Deleted sudo command group \"%(value)s\"" +#: ipalib/plugins/pwpolicy.py:251 +msgid "Minimum number of character classes" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:113 -msgid "" -"\n" -" Modify group.\n" -" " +#: ipalib/plugins/pwpolicy.py:257 +msgid "Min length" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:117 -msgid "Modified sudo command group \"%(value)s\"" +#: ipalib/plugins/pwpolicy.py:258 +msgid "Minimum length of password" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:123 -msgid "" -"\n" -" Search for sudo command groups.\n" -" " +#: ipalib/plugins/pwpolicy.py:263 +msgid "Priority" msgstr "" -#: ipalib/plugins/sudocmdgroup.py:127 -msgid "%(count)d sudo command group matched" -msgid_plural "%(count)d sudo command groups matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/pwpolicy.py:264 +msgid "Priority of the policy (higher number means lower priority" +msgstr "" -#: ipalib/plugins/sudocmdgroup.py:136 -msgid "" -"\n" -" Display sudo command group.\n" -" " +#: ipalib/plugins/pwpolicy.py:317 +msgid "Maximum password life must be greater than minimum." msgstr "" -#: ipalib/plugins/sudocmdgroup.py:144 -msgid "" -"\n" -" Add members to sudo command group.\n" -" " +#: ipalib/plugins/pwpolicy.py:336 +msgid "Add a new group password policy." msgstr "" -#: ipalib/plugins/sudocmdgroup.py:152 -msgid "" -"\n" -" Remove members from sudo command group.\n" -" " +#: ipalib/plugins/pwpolicy.py:361 +msgid "Delete a group password policy." +msgstr "" + +#: ipalib/plugins/pwpolicy.py:372 +msgid "cannot delete global password policy" +msgstr "" + +#: ipalib/plugins/pwpolicy.py:387 +msgid "Modify a group password policy." +msgstr "" + +#: ipalib/plugins/pwpolicy.py:397 +msgid "priority cannot be set on global policy" +msgstr "" + +#: ipalib/plugins/pwpolicy.py:428 +msgid "Display information about password policy." +msgstr "" + +#: ipalib/plugins/pwpolicy.py:432 ipalib/plugins/user.py:169 +msgid "User" +msgstr "" + +#: ipalib/plugins/pwpolicy.py:433 +msgid "Display effective policy for a specific user" +msgstr "" + +#: ipalib/plugins/pwpolicy.py:456 +msgid "Search for group password policies." msgstr "" -#: ipalib/plugins/sudorule.py:19 +#: ipalib/plugins/role.py:26 msgid "" "\n" -"Sudo (su \"do\") allows a system administrator to delegate authority to\n" -"give certain users (or groups of users) the ability to run some (or all)\n" -"commands as root or another user while providing an audit trail of the\n" -"commands and their arguments.\n" +"Roles\n" +"\n" +"A role is used for fine-grained delegation. A permission grants the ability\n" +"to perform given low-level tasks (add a user, modify a group, etc.). A\n" +"privilege combines one or more permissions into a higher-level abstraction\n" +"such as useradmin. A useradmin would be able to add, delete and modify " +"users.\n" +"\n" +"Privileges are assigned to Roles.\n" +"\n" +"Users, groups, hosts and hostgroups may be members of a Role.\n" +"\n" +"Roles can not contain other roles.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add a new role:\n" +" ipa role-add --desc=\"Junior-level admin\" junioradmin\n" +"\n" +" Add some privileges to this role:\n" +" ipa role-add-privilege --privileges=addusers junioradmin\n" +" ipa role-add-privilege --privileges=change_password junioradmin\n" +" ipa role-add-privilege --privileges=add_user_to_default_group juioradmin\n" "\n" -"FreeIPA provides a designated binddn to use with Sudo located at:\n" -"uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n" +" Add a group of users to this role:\n" +" ipa group-add --desc=\"User admins\" useradmins\n" +" ipa role-add-member --groups=useradmins junioradmin\n" "\n" -"To enable the binddn run the following command to set the password:\n" -"LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -" -"ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,dc=example," -"dc=com\n" +" Display information about a role:\n" +" ipa role-show junioradmin\n" "\n" -"For more information, see the FreeIPA Documentation to Sudo.\n" +" The result of this is that any users in the group 'useradmins' can\n" +" add users, reset passwords or add a user to the default IPA user group.\n" msgstr "" -#: ipalib/plugins/sudorule.py:44 -msgid "" -"\n" -" Sudo Rule management\n" -" " +#: ipalib/plugins/role.py:66 +msgid "role" msgstr "" -#: ipalib/plugins/sudorule.py:68 -msgid "Sudo Rule" +#: ipalib/plugins/role.py:67 +msgid "roles" msgstr "" -#: ipalib/plugins/sudorule.py:98 -msgid "Command category" +#: ipalib/plugins/role.py:82 +msgid "Role" msgstr "" -#: ipalib/plugins/sudorule.py:99 -msgid "Command category the rule applies to" +#: ipalib/plugins/role.py:87 +msgid "Role name" msgstr "" -#: ipalib/plugins/sudorule.py:104 -msgid "Run As User category" +#: ipalib/plugins/role.py:93 +msgid "A description of this role-group" msgstr "" -#: ipalib/plugins/sudorule.py:105 -msgid "Run As User category the rule applies to" +#: ipalib/plugins/role.py:101 +msgid "Add a new role." msgstr "" -#: ipalib/plugins/sudorule.py:110 -msgid "Run As Group category" +#: ipalib/plugins/role.py:103 +#, python-format +msgid "Added role \"%(value)s\"" msgstr "" -#: ipalib/plugins/sudorule.py:111 -msgid "Run As Group category the rule applies to" +#: ipalib/plugins/role.py:109 +msgid "Delete a role." msgstr "" -#: ipalib/plugins/sudorule.py:131 -msgid "Sudo Allow Commands" +#: ipalib/plugins/role.py:111 +#, python-format +msgid "Deleted role \"%(value)s\"" msgstr "" -#: ipalib/plugins/sudorule.py:135 -msgid "Sudo Deny Commands" +#: ipalib/plugins/role.py:117 +msgid "Modify a role." msgstr "" -#: ipalib/plugins/sudorule.py:147 -msgid "Run As User" +#: ipalib/plugins/role.py:119 +#, python-format +msgid "Modified role \"%(value)s\"" msgstr "" -#: ipalib/plugins/sudorule.py:151 -msgid "Run As Group" +#: ipalib/plugins/role.py:125 +msgid "Search for roles." msgstr "" -#: ipalib/plugins/sudorule.py:156 -msgid "External User" -msgstr "" +#: ipalib/plugins/role.py:128 +#, python-format +msgid "%(count)d role matched" +msgid_plural "%(count)d roles matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/plugins/sudorule.py:157 -msgid "External User the rule applies to" +#: ipalib/plugins/role.py:135 +msgid "Display information about a role." msgstr "" -#: ipalib/plugins/sudorule.py:161 -msgid "RunAs External User" +#: ipalib/plugins/role.py:141 +msgid "Add members to a role." msgstr "" -#: ipalib/plugins/sudorule.py:162 -msgid "External User the commands can run as" +#: ipalib/plugins/role.py:147 +msgid "Remove members from a role." msgstr "" -#: ipalib/plugins/sudorule.py:166 -msgid "RunAs External Group" +#: ipalib/plugins/role.py:153 +msgid "Add privileges to a role." msgstr "" -#: ipalib/plugins/sudorule.py:167 -msgid "External Group the commands can run as" +#: ipalib/plugins/role.py:168 +msgid "Number of privileges added" msgstr "" -#: ipalib/plugins/sudorule.py:175 -msgid "" -"\n" -" Create new Sudo Rule.\n" -" " +#: ipalib/plugins/role.py:176 +msgid "Remove privileges from a role." msgstr "" -#: ipalib/plugins/sudorule.py:183 -msgid "Added sudo rule \"%(value)s\"" +#: ipalib/plugins/role.py:191 +msgid "Number of privileges removed" msgstr "" -#: ipalib/plugins/sudorule.py:189 +#: ipalib/plugins/selfservice.py:28 msgid "" "\n" -" Delete Sudo Rule.\n" -" " -msgstr "" - -#: ipalib/plugins/sudorule.py:197 -msgid "" +"Self-service Permissions\n" "\n" -" Modify Sudo Rule.\n" -" " -msgstr "" - -#: ipalib/plugins/sudorule.py:205 -msgid "" +"A permission enables fine-grained delegation of permissions. Access Control\n" +"Rules, or instructions (ACIs), grant permission to permissions to perform\n" +"given tasks such as adding a user, modifying a group, etc.\n" "\n" -" Search for Sudo Rule.\n" -" " -msgstr "" - -#: ipalib/plugins/sudorule.py:213 -msgid "" +"A Self-service permission defines what an object can change in its own " +"entry.\n" "\n" -" Display Sudo Rule.\n" -" " -msgstr "" - -#: ipalib/plugins/sudorule.py:221 -msgid "" "\n" -" Enable a Sudo rule.\n" -" " +"EXAMPLES:\n" +"\n" +" Add a self-service rule to allow users to manage their address:\n" +" ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st " +"\"Users manage their own address\"\n" +"\n" +" When managing the list of attributes you need to include all attributes\n" +" in the list, including existing ones. Add telephoneNumber to the list:\n" +" ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber " +"\"Users manage their own address\"\n" +"\n" +" Display our updated rule:\n" +" ipa selfservice-show \"Users manage their own address\"\n" +"\n" +" Delete a rule:\n" +" ipa selfservice-del \"Users manage their own address\"\n" msgstr "" -#: ipalib/plugins/sudorule.py:247 -msgid "" -"\n" -" Disable a Sudo rule.\n" -" " +#: ipalib/plugins/selfservice.py:65 +#, python-format +msgid "Self-service permission '%(permission)s' not found" msgstr "" -#: ipalib/plugins/sudorule.py:273 ipalib/plugins/sudorule.py:293 -msgid "" -"\n" -" Add commands and sudo command groups affected by Sudo Rule.\n" -" " +#: ipalib/plugins/selfservice.py:74 +msgid "self service permission" msgstr "" -#: ipalib/plugins/sudorule.py:283 ipalib/plugins/sudorule.py:303 -msgid "" -"\n" -" Remove commands and sudo command groups affected by Sudo Rule.\n" -" " +#: ipalib/plugins/selfservice.py:75 +msgid "self service permissions" msgstr "" -#: ipalib/plugins/sudorule.py:313 -msgid "" -"\n" -" Add users and groups affected by Sudo Rule.\n" -" " +#: ipalib/plugins/selfservice.py:76 +msgid "Self Service Permissions" msgstr "" -#: ipalib/plugins/sudorule.py:349 -msgid "" -"\n" -" Remove users and groups affected by Sudo Rule.\n" -" " +#: ipalib/plugins/selfservice.py:77 +msgid "Self Service Permission" msgstr "" -#: ipalib/plugins/sudorule.py:383 -msgid "" -"\n" -" Add hosts and hostgroups affected by Sudo Rule.\n" -" " +#: ipalib/plugins/selfservice.py:82 ipalib/plugins/selfservice.py:83 +msgid "Self-service name" msgstr "" -#: ipalib/plugins/sudorule.py:419 -msgid "" -"\n" -" Remove hosts and hostgroups affected by Sudo Rule.\n" -" " +#: ipalib/plugins/selfservice.py:118 +msgid "Add a new self-service permission." msgstr "" -#: ipalib/plugins/sudorule.py:453 -msgid "" -"\n" -" Add user for Sudo to execute as.\n" -" " +#: ipalib/plugins/selfservice.py:120 +#, python-format +msgid "Added selfservice \"%(value)s\"" msgstr "" -#: ipalib/plugins/sudorule.py:489 -msgid "" -"\n" -" Remove user for Sudo to execute as.\n" -" " +#: ipalib/plugins/selfservice.py:139 +msgid "Delete a self-service permission." msgstr "" -#: ipalib/plugins/sudorule.py:523 -msgid "" -"\n" -" Add group for Sudo to execute as.\n" -" " +#: ipalib/plugins/selfservice.py:142 +#, python-format +msgid "Deleted selfservice \"%(value)s\"" msgstr "" -#: ipalib/plugins/sudorule.py:559 -msgid "" -"\n" -" Remove group for Sudo to execute as.\n" -" " +#: ipalib/plugins/selfservice.py:158 +msgid "Modify a self-service permission." msgstr "" -#: ipalib/plugins/sudorule.py:593 -msgid "" -"\n" -" Add an option to the Sudo rule.\n" -" " +#: ipalib/plugins/selfservice.py:160 +#, python-format +msgid "Modified selfservice \"%(value)s\"" msgstr "" -#: ipalib/plugins/sudorule.py:600 ipalib/plugins/sudorule.py:641 -msgid "Sudo Option" +#: ipalib/plugins/selfservice.py:179 +msgid "Search for a self-service permission." msgstr "" -#: ipalib/plugins/sudorule.py:635 -msgid "" -"\n" -" Remove an option from Sudo rule.\n" -" " +#: ipalib/plugins/selfservice.py:182 +#, python-format +msgid "%(count)d selfservice matched" +msgid_plural "%(count)d selfservices matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/selfservice.py:203 +msgid "Display information about a self-service permission." msgstr "" -#: ipalib/plugins/user.py:20 +#: ipalib/plugins/service.py:35 msgid "" "\n" -"Users\n" +"Services\n" "\n" -"Manage user entries. All users are POSIX users.\n" +"A IPA service represents a service that runs on a host. The IPA service\n" +"record can store a Kerberos principal, an SSL certificate, or both.\n" "\n" -"IPA supports a wide range of username formats, but you need to be aware of " -"any\n" -"restrictions that may apply to your particular environment. For example,\n" -"usernames that start with a digit or usernames that exceed a certain length\n" -"may cause problems for some UNIX systems.\n" -"Use 'ipa config-mod' to change the username format allowed by IPA tools.\n" +"An IPA service can be managed directly from a machine, provided that\n" +"machine has been given the correct permission. This is true even for\n" +"machines other than the one the service is associated with. For example,\n" +"requesting an SSL certificate using the host service principal credentials\n" +"of the host. To manage a service using host credentials you need to\n" +"kinit as the host:\n" "\n" -"Disabling a user account prevents that user from obtaining new Kerberos\n" -"credentials. It does not invalidate any credentials that have already\n" -"been issued.\n" +" # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM\n" "\n" -"Password management is not a part of this module. For more information\n" -"about this topic please see: ipa help passwd\n" +"Adding an IPA service allows the associated service to request an SSL\n" +"certificate or keytab, but this is performed as a separate step; they\n" +"are not produced as a result of adding the service.\n" +"\n" +"Only the public aspect of a certificate is stored in a service record;\n" +"the private key is not stored.\n" "\n" "EXAMPLES:\n" "\n" -" Add a new user:\n" -" ipa user-add --first=Tim --last=User --password tuser1\n" +" Add a new IPA service:\n" +" ipa service-add HTTP/web.example.com\n" "\n" -" Find all users whose entries include the string \"Tim\":\n" -" ipa user-find Tim\n" +" Allow a host to manage an IPA service certificate:\n" +" ipa service-add-host --hosts=web.example.com HTTP/web.example.com\n" +" ipa role-add-member --hosts=web.example.com certadmin\n" "\n" -" Find all users with \"Tim\" as the first name:\n" -" ipa user-find --first=Tim\n" +" Delete an IPA service:\n" +" ipa service-del HTTP/web.example.com\n" "\n" -" Disable a user account:\n" -" ipa user-disable tuser1\n" +" Find all IPA services associated with a host:\n" +" ipa service-find web.example.com\n" "\n" -" Enable a user account:\n" -" ipa user-enable tuser1\n" +" Find all HTTP services:\n" +" ipa service-find HTTP\n" +"\n" +" Disable the service Kerberos key and SSL certificate:\n" +" ipa service-disable HTTP/web.example.com\n" +"\n" +" Request a certificate for an IPA service:\n" +" ipa cert-request --principal=HTTP/web.example.com example.csr\n" +"\n" +" Generate and retrieve a keytab for an IPA service:\n" +" ipa-getkeytab -s ipa.example.com -p HTTP/web.example.com -k /etc/httpd/" +"httpd.keytab\n" "\n" -" Delete a user:\n" -" ipa user-del tuser1\n" msgstr "" -#: ipalib/plugins/user.py:79 -msgid "" -"\n" -" User object.\n" -" " +#: ipalib/plugins/service.py:204 +msgid "service" +msgstr "" + +#: ipalib/plugins/service.py:205 +msgid "services" +msgstr "" + +#: ipalib/plugins/service.py:229 +msgid "Service principal" +msgstr "" + +#: ipalib/plugins/service.py:245 +msgid "Add a new IPA new service." +msgstr "" + +#: ipalib/plugins/service.py:247 +#, python-format +msgid "Added service \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/service.py:253 +msgid "force principal name even if not in DNS" +msgstr "" + +#: ipalib/plugins/service.py:286 +msgid "Delete an IPA service." +msgstr "" + +#: ipalib/plugins/service.py:288 +#, python-format +msgid "Deleted service \"%(value)s\"" +msgstr "" + +#: ipalib/plugins/service.py:322 +msgid "Modify an existing IPA service." +msgstr "" + +#: ipalib/plugins/service.py:324 +#, python-format +msgid "Modified service \"%(value)s\"" msgstr "" -#: ipalib/plugins/user.py:116 -msgid "User login" +#: ipalib/plugins/service.py:356 +msgid "Search for IPA services." msgstr "" -#: ipalib/plugins/user.py:123 -msgid "First name" +#: ipalib/plugins/service.py:359 +#, python-format +msgid "%(count)d service matched" +msgid_plural "%(count)d services matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/service.py:391 +msgid "Display information about an IPA service." msgstr "" -#: ipalib/plugins/user.py:127 -msgid "Last name" +#: ipalib/plugins/service.py:424 +msgid "Add hosts that can manage this service." msgstr "" -#: ipalib/plugins/user.py:130 -msgid "Full name" +#: ipalib/plugins/service.py:433 +msgid "Remove hosts that can manage this service." msgstr "" -#: ipalib/plugins/user.py:135 -msgid "Display name" +#: ipalib/plugins/service.py:442 +msgid "Disable the Kerberos key and SSL certificate of a service." msgstr "" -#: ipalib/plugins/user.py:140 -msgid "Initials" +#: ipalib/plugins/service.py:445 +#, python-format +msgid "Disabled service \"%(value)s\"" msgstr "" -#: ipalib/plugins/user.py:146 -msgid "Home directory" +#: ipalib/plugins/sudocmd.py:29 +msgid "" +"\n" +"Sudo Commands\n" +"\n" +"Commands used as building blocks for sudo\n" +"\n" +"EXAMPLES:\n" +"\n" +" Create a new command\n" +" ipa sudocmd-add --desc='For reading log files' /usr/bin/less\n" +"\n" +" Remove a command\n" +" ipa sudocmd-del /usr/bin/less\n" +"\n" msgstr "" -#: ipalib/plugins/user.py:150 -msgid "GECOS field" +#: ipalib/plugins/sudocmd.py:44 ipalib/plugins/sudocmdgroup.py:48 +msgid "commands for controlling sudo configuration" msgstr "" -#: ipalib/plugins/user.py:156 -msgid "Login shell" +#: ipalib/plugins/sudocmd.py:51 +msgid "sudo command" msgstr "" -#: ipalib/plugins/user.py:161 -msgid "Kerberos principal" +#: ipalib/plugins/sudocmd.py:52 +msgid "sudo commands" msgstr "" -#: ipalib/plugins/user.py:168 -msgid "Email address" +#: ipalib/plugins/sudocmd.py:65 +msgid "Sudo Commands" msgstr "" -#: ipalib/plugins/user.py:173 -msgid "Prompt to set the user password" +#: ipalib/plugins/sudocmd.py:66 ipalib/plugins/sudocmd.py:71 +msgid "Sudo Command" msgstr "" -#: ipalib/plugins/user.py:180 -msgid "UID" +#: ipalib/plugins/sudocmd.py:77 +msgid "A description of this command" msgstr "" -#: ipalib/plugins/user.py:181 -msgid "User ID Number (system will assign one if not provided)" +#: ipalib/plugins/sudocmd.py:100 +msgid "Create new Sudo Command." msgstr "" -#: ipalib/plugins/user.py:188 -msgid "Group ID Number" +#: ipalib/plugins/sudocmd.py:102 +#, python-format +msgid "Added Sudo Command \"%(value)s\"" msgstr "" -#: ipalib/plugins/user.py:193 -msgid "Street address" +#: ipalib/plugins/sudocmd.py:107 +msgid "Delete Sudo Command." msgstr "" -#: ipalib/plugins/user.py:197 -msgid "City" +#: ipalib/plugins/sudocmd.py:109 +#, python-format +msgid "Deleted Sudo Command \"%(value)s\"" msgstr "" -#: ipalib/plugins/user.py:201 -msgid "State/Province" +#: ipalib/plugins/sudocmd.py:114 +msgid "Modify Sudo Command." msgstr "" -#: ipalib/plugins/user.py:204 -msgid "ZIP" +#: ipalib/plugins/sudocmd.py:116 +#, python-format +msgid "Modified Sudo Command \"%(value)s\"" msgstr "" -#: ipalib/plugins/user.py:208 -msgid "Telephone Number" +#: ipalib/plugins/sudocmd.py:121 +msgid "Search for Sudo Commands." msgstr "" -#: ipalib/plugins/user.py:211 -msgid "Mobile Telephone Number" +#: ipalib/plugins/sudocmd.py:124 +#, python-format +msgid "%(count)d Sudo Command matched" +msgid_plural "%(count)d Sudo Commands matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/sudocmd.py:130 +msgid "Display Sudo Command." msgstr "" -#: ipalib/plugins/user.py:214 -msgid "Pager Number" +#: ipalib/plugins/sudocmdgroup.py:25 +msgid "" +"\n" +"Groups of Sudo Commands\n" +"\n" +"Manage groups of Sudo Commands.\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add a new Sudo Command Group:\n" +" ipa sudocmdgroup-add --desc='administrators commands' admincmds\n" +"\n" +" Remove a Sudo Command Group:\n" +" ipa sudocmdgroup-del admincmds\n" +"\n" +" Manage Sudo Command Group membership, commands:\n" +" ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim " +"admincmds\n" +"\n" +" Manage Sudo Command Group membership, commands:\n" +" ipa group-remove-member --sudocmds=/usr/bin/less admincmds\n" +"\n" +" Show a Sudo Command Group:\n" +" ipa group-show localadmins\n" msgstr "" -#: ipalib/plugins/user.py:218 -msgid "Fax Number" +#: ipalib/plugins/sudocmdgroup.py:55 +msgid "sudo command group" msgstr "" -#: ipalib/plugins/user.py:222 -msgid "Org. Unit" +#: ipalib/plugins/sudocmdgroup.py:56 +msgid "sudo command groups" msgstr "" -#: ipalib/plugins/user.py:225 -msgid "Job Title" +#: ipalib/plugins/sudocmdgroup.py:67 ipalib/plugins/sudocmdgroup.py:72 +msgid "Sudo Command Group" msgstr "" -#: ipalib/plugins/user.py:228 -msgid "Manager" +#: ipalib/plugins/sudocmdgroup.py:95 +msgid "Create new Sudo Command Group." msgstr "" -#: ipalib/plugins/user.py:231 -msgid "Car License" +#: ipalib/plugins/sudocmdgroup.py:97 +#, python-format +msgid "Added Sudo Command Group \"%(value)s\"" msgstr "" -#: ipalib/plugins/user.py:234 -msgid "Account disabled" +#: ipalib/plugins/sudocmdgroup.py:103 +msgid "Delete Sudo Command Group." msgstr "" -#: ipalib/plugins/user.py:258 -msgid "" -"\n" -" Given a userid verify the user's existence and return the dn.\n" -" " +#: ipalib/plugins/sudocmdgroup.py:105 +#, python-format +msgid "Deleted Sudo Command Group \"%(value)s\"" msgstr "" -#: ipalib/plugins/user.py:276 -msgid "manager %(manager)s not found" +#: ipalib/plugins/sudocmdgroup.py:111 +msgid "Modify Sudo Command Group." msgstr "" -#: ipalib/plugins/user.py:281 -msgid "" -"\n" -" Convert a manager dn into a userid\n" -" " +#: ipalib/plugins/sudocmdgroup.py:113 +#, python-format +msgid "Modified Sudo Command Group \"%(value)s\"" msgstr "" -#: ipalib/plugins/user.py:295 -msgid "" -"\n" -" Add a new user.\n" -" " +#: ipalib/plugins/sudocmdgroup.py:119 +msgid "Search for Sudo Command Groups." msgstr "" -#: ipalib/plugins/user.py:298 -msgid "Added user \"%(value)s\"" +#: ipalib/plugins/sudocmdgroup.py:122 +#, python-format +msgid "%(count)d Sudo Command Group matched" +msgid_plural "%(count)d Sudo Command Groups matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/sudocmdgroup.py:130 +msgid "Display Sudo Command Group." msgstr "" -#: ipalib/plugins/user.py:303 -msgid "Don't create user private group" +#: ipalib/plugins/sudocmdgroup.py:136 +msgid "Add members to Sudo Command Group." msgstr "" -#: ipalib/plugins/user.py:333 -msgid "can be at most %(len)d characters" +#: ipalib/plugins/sudocmdgroup.py:142 +msgid "Remove members from Sudo Command Group." msgstr "" -#: ipalib/plugins/user.py:400 +#: ipalib/plugins/sudorule.py:25 msgid "" "\n" -" Delete a user.\n" -" " +"Sudo Rules\n" +"\n" +"Sudo (su \"do\") allows a system administrator to delegate authority to\n" +"give certain users (or groups of users) the ability to run some (or all)\n" +"commands as root or another user while providing an audit trail of the\n" +"commands and their arguments.\n" +"\n" +"FreeIPA provides a means to configure the various aspects of Sudo:\n" +" Users: The user(s)/group(s) allowed to envoke Sudo.\n" +" Hosts: The host(s)/hostgroup(s) which the user is allowed to to invoke " +"Sudo.\n" +" Allow Command: The specific command(s) permited to be run via Sudo.\n" +" Deny Command: The specific command(s) prohibited to be run via Sudo.\n" +" RunAsUser: The user(s) or group(s) of users whose rights Sudo will be " +"invoked with.\n" +" RunAsGroup: The group(s) whose gid rights Sudo will be invoked with.\n" +" Options: The various Sudoers Options that can modify Sudo's behavior.\n" +"\n" +"FreeIPA provides a designated binddn to use with Sudo located at:\n" +"uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com\n" +"\n" +"To enable the binddn run the following command to set the password:\n" +"LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -" +"ZZ -D \"cn=Directory Manager\" uid=sudo,cn=sysaccounts,cn=etc,dc=example," +"dc=com\n" +"\n" +"For more information, see the FreeIPA Documentation to Sudo.\n" msgstr "" -#: ipalib/plugins/user.py:404 -msgid "Deleted user \"%(value)s\"" +#: ipalib/plugins/sudorule.py:53 +msgid "Commands for controlling sudo configuration" msgstr "" -#: ipalib/plugins/user.py:413 -msgid "" -"\n" -" Modify a user.\n" -" " +#: ipalib/plugins/sudorule.py:56 +msgid "this option has been deprecated." msgstr "" -#: ipalib/plugins/user.py:417 -msgid "Modified user \"%(value)s\"" +#: ipalib/plugins/sudorule.py:72 +msgid "sudo rule" msgstr "" -#: ipalib/plugins/user.py:437 -msgid "" -"\n" -" Search for users.\n" -" " +#: ipalib/plugins/sudorule.py:73 +msgid "sudo rules" msgstr "" -#: ipalib/plugins/user.py:444 -msgid "Self" +#: ipalib/plugins/sudorule.py:92 +msgid "Sudo Rules" msgstr "" -#: ipalib/plugins/user.py:445 -msgid "Display user record for current Kerberos principal" +#: ipalib/plugins/sudorule.py:93 +msgid "Sudo Rule" msgstr "" -#: ipalib/plugins/user.py:463 -msgid "%(count)d user matched" -msgid_plural "%(count)d users matched" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/sudorule.py:123 +msgid "Command category" +msgstr "" -#: ipalib/plugins/user.py:471 -msgid "" -"\n" -" Display information about a user.\n" -" " +#: ipalib/plugins/sudorule.py:124 +msgid "Command category the rule applies to" msgstr "" -#: ipalib/plugins/user.py:484 -msgid "" -"\n" -" Disable a user account.\n" -" " +#: ipalib/plugins/sudorule.py:129 +msgid "RunAs User category" msgstr "" -#: ipalib/plugins/user.py:489 -msgid "Disabled user account \"%(value)s\"" +#: ipalib/plugins/sudorule.py:130 +msgid "RunAs User category the rule applies to" msgstr "" -#: ipalib/plugins/user.py:507 -msgid "" -"\n" -" Enable a user account.\n" -" " +#: ipalib/plugins/sudorule.py:135 +msgid "RunAs Group category" msgstr "" -#: ipalib/plugins/user.py:512 -msgid "Enabled user account \"%(value)s\"" +#: ipalib/plugins/sudorule.py:136 +msgid "RunAs Group category the rule applies to" msgstr "" -#: ipalib/plugins/user.py:529 -msgid "" -"\n" -" Unlock a user account\n" -"\n" -" An account may become locked if the password is entered incorrectly too\n" -" many times within a specific time period as controlled by password\n" -" policy. A locked account is a temporary condition and may be unlocked " -"by\n" -" an administrator.\n" -" " +#: ipalib/plugins/sudorule.py:156 +msgid "Sudo Allow Commands" msgstr "" -#: ipalib/plugins/user.py:538 -msgid "Unlocked account \"%(value)s\"" +#: ipalib/plugins/sudorule.py:160 +msgid "Sudo Deny Commands" msgstr "" -#: ipalib/plugins/virtual.py:20 -msgid "" -"\n" -"Base classes for non-LDAP backend plugins.\n" +#: ipalib/plugins/sudorule.py:164 +msgid "Sudo Allow Command Groups" msgstr "" -#: ipalib/plugins/virtual.py:28 -msgid "" -"\n" -" A command that doesn't use the LDAP backend but wants to use the\n" -" LDAP access control system to make authorization decisions.\n" -"\n" -" The class variable operation is the commonName attribute of the\n" -" entry to be tested against.\n" -"\n" -" In advance, you need to create an entry of the form:\n" -" cn=, api.env.container_virtual, api.env.basedn\n" -"\n" -" Ex.\n" -" cn=request certificate, cn=virtual operations,cn=etc, dc=example, " -"dc=com\n" -" " +#: ipalib/plugins/sudorule.py:168 +msgid "Sudo Deny Command Groups" msgstr "" -#: ipalib/plugins/virtual.py:44 -msgid "" -"\n" -" Perform an LDAP query to determine authorization.\n" -"\n" -" This should be executed before any actual work is done.\n" -" " +#: ipalib/plugins/sudorule.py:172 +msgid "RunAs Users" msgstr "" -#: ipalib/plugins/xmlclient.py:21 -msgid "" -"\n" -"XML-RPC client plugin.\n" +#: ipalib/plugins/sudorule.py:173 +msgid "Run as a user" msgstr "" -#: ipalib/cli.py:581 -#, python-format -msgid "Enter %(label)s again to verify: " +#: ipalib/plugins/sudorule.py:177 +msgid "Groups of RunAs Users" msgstr "" -#: ipalib/cli.py:585 ipa-client/ipa-getkeytab.c:751 -#, c-format -msgid "Passwords do not match!" +#: ipalib/plugins/sudorule.py:178 +msgid "Run as any user within a specified group" msgstr "" -#: ipalib/cli.py:590 -msgid "Cancelled." +#: ipalib/plugins/sudorule.py:183 +msgid "External User" msgstr "" -#: ipalib/cli.py:819 -msgid "Command name" +#: ipalib/plugins/sudorule.py:184 +msgid "External User the rule applies to (sudorule-find only)" msgstr "" -#: ipalib/cli.py:1117 -msgid "No file to read" +#: ipalib/plugins/sudorule.py:188 +msgid "RunAs External User" msgstr "" -#: ipalib/errors.py:300 -#, python-format -msgid "%(cver)s client incompatible with %(sver)s server at %(server)r" +#: ipalib/plugins/sudorule.py:189 +msgid "External User the commands can run as (sudorule-find only)" msgstr "" -#: ipalib/errors.py:318 -#, python-format -msgid "unknown error %(code)d from %(server)s: %(error)s" +#: ipalib/plugins/sudorule.py:193 +msgid "RunAs External Group" msgstr "" -#: ipalib/errors.py:334 -msgid "an internal error has occurred" +#: ipalib/plugins/sudorule.py:194 +msgid "External Group the commands can run as (sudorule-find only)" msgstr "" -#: ipalib/errors.py:356 -#, python-format -msgid "an internal error has occurred on server at %(server)r" +#: ipalib/plugins/sudorule.py:197 ipalib/plugins/sudorule.py:618 +#: ipalib/plugins/sudorule.py:670 +msgid "Sudo Option" msgstr "" -#: ipalib/errors.py:372 -#, python-format -msgid "unknown command %(name)r" +#: ipalib/plugins/sudorule.py:201 +msgid "RunAs Groups" msgstr "" -#: ipalib/errors.py:389 ipalib/errors.py:414 -#, python-format -msgid "error on server %(server)r: %(error)s" +#: ipalib/plugins/sudorule.py:202 +msgid "Run with the gid of a specified POSIX group" msgstr "" -#: ipalib/errors.py:405 -#, python-format -msgid "cannot connect to %(uri)r: %(error)s" +#: ipalib/plugins/sudorule.py:211 +msgid "Create new Sudo Rule." msgstr "" -#: ipalib/errors.py:423 +#: ipalib/plugins/sudorule.py:218 #, python-format -msgid "Invalid JSON-RPC request: %(error)s" +msgid "Added Sudo Rule \"%(value)s\"" msgstr "" -#: ipalib/errors.py:439 -#, python-format -msgid "error marshalling data for XML-RPC transport: %(error)s" +#: ipalib/plugins/sudorule.py:224 +msgid "Delete Sudo Rule." msgstr "" -#: ipalib/errors.py:465 +#: ipalib/plugins/sudorule.py:226 #, python-format -msgid "Kerberos error: %(major)s/%(minor)s" +msgid "Deleted Sudo Rule \"%(value)s\"" msgstr "" -#: ipalib/errors.py:482 -msgid "did not receive Kerberos credentials" +#: ipalib/plugins/sudorule.py:232 +msgid "Modify Sudo Rule." msgstr "" -#: ipalib/errors.py:498 +#: ipalib/plugins/sudorule.py:234 #, python-format -msgid "Service %(service)r not found in Kerberos database" +msgid "Modified Sudo Rule \"%(value)s\"" msgstr "" -#: ipalib/errors.py:514 -msgid "No credentials cache found" +#: ipalib/plugins/sudorule.py:240 +msgid "Search for Sudo Rule." msgstr "" -#: ipalib/errors.py:530 -msgid "Ticket expired" +#: ipalib/plugins/sudorule.py:243 +#, python-format +msgid "%(count)d Sudo Rule matched" +msgid_plural "%(count)d Sudo Rules matched" +msgstr[0] "" +msgstr[1] "" + +#: ipalib/plugins/sudorule.py:250 +msgid "Display Sudo Rule." msgstr "" -#: ipalib/errors.py:546 -msgid "Credentials cache permissions incorrect" +#: ipalib/plugins/sudorule.py:256 +msgid "Enable a Sudo Rule." msgstr "" -#: ipalib/errors.py:562 -msgid "Bad format in credentials cache" +#: ipalib/plugins/sudorule.py:274 +#, python-format +msgid "Enabled Sudo Rule \"%s\"" msgstr "" -#: ipalib/errors.py:578 -msgid "Cannot resolve KDC for requested realm" +#: ipalib/plugins/sudorule.py:280 +msgid "Disable a Sudo Rule." msgstr "" -#: ipalib/errors.py:597 +#: ipalib/plugins/sudorule.py:298 #, python-format -msgid "Insufficient access: %(info)s" +msgid "Disabled Sudo Rule \"%s\"" msgstr "" -#: ipalib/errors.py:641 -#, python-format -msgid "command %(name)r takes no arguments" +#: ipalib/plugins/sudorule.py:304 ipalib/plugins/sudorule.py:322 +msgid "Add commands and sudo command groups affected by Sudo Rule." msgstr "" -#: ipalib/errors.py:661 -#, python-format -msgid "command %(name)r takes at most %(count)d argument" -msgid_plural "command %(name)r takes at most %(count)d arguments" -msgstr[0] "" -msgstr[1] "" +#: ipalib/plugins/sudorule.py:313 ipalib/plugins/sudorule.py:331 +msgid "Remove commands and sudo command groups affected by Sudo Rule." +msgstr "" -#: ipalib/errors.py:691 -#, python-format -msgid "overlapping arguments and options: %(names)r" +#: ipalib/plugins/sudorule.py:340 +msgid "Add users and groups affected by Sudo Rule." msgstr "" -#: ipalib/errors.py:707 -#, python-format -msgid "%(name)r is required" +#: ipalib/plugins/sudorule.py:375 +msgid "Remove users and groups affected by Sudo Rule." msgstr "" -#: ipalib/errors.py:723 ipalib/errors.py:739 -#, python-format -msgid "invalid %(name)r: %(error)s" +#: ipalib/plugins/sudorule.py:408 +msgid "Add hosts and hostgroups affected by Sudo Rule." msgstr "" -#: ipalib/errors.py:755 -#, python-format -msgid "api has no such namespace: %(name)r" +#: ipalib/plugins/sudorule.py:443 +msgid "Remove hosts and hostgroups affected by Sudo Rule." +msgstr "" + +#: ipalib/plugins/sudorule.py:477 +msgid "Add users and groups for Sudo to execute as." msgstr "" -#: ipalib/errors.py:764 -msgid "Passwords do not match" +#: ipalib/plugins/sudorule.py:512 +msgid "Remove users and groups for Sudo to execute as." msgstr "" -#: ipalib/errors.py:773 -msgid "Command not implemented" +#: ipalib/plugins/sudorule.py:545 +msgid "Add group for Sudo to execute as." msgstr "" -#: ipalib/errors.py:782 -msgid "Client is not configured. Run ipa-client-install." +#: ipalib/plugins/sudorule.py:580 +msgid "Remove group for Sudo to execute as." msgstr "" -#: ipalib/errors.py:810 ipalib/errors.py:1050 ipalib/errors.py:1144 -#: ipalib/errors.py:1424 ipalib/errors.py:1441 -#, python-format -msgid "%(reason)s" +#: ipalib/plugins/sudorule.py:613 +msgid "Add an option to the Sudo Rule." msgstr "" -#: ipalib/errors.py:826 -msgid "This entry already exists" +#: ipalib/plugins/sudorule.py:655 +#, python-format +msgid "Added option \"%s\" to Sudo Rule \"%s\"" msgstr "" -#: ipalib/errors.py:842 -msgid "You must enroll a host in order to create a host service" +#: ipalib/plugins/sudorule.py:665 +msgid "Remove an option from Sudo Rule." msgstr "" -#: ipalib/errors.py:858 +#: ipalib/plugins/sudorule.py:710 #, python-format -msgid "" -"Service principal is not of the form: service/fully-qualified host name: " -"%(reason)s" +msgid "Removed option \"%s\" from Sudo Rule \"%s\"" msgstr "" -#: ipalib/errors.py:874 +#: ipalib/plugins/user.py:29 msgid "" -"The realm for the principal does not match the realm for this IPA server" +"\n" +"Users\n" +"\n" +"Manage user entries. All users are POSIX users.\n" +"\n" +"IPA supports a wide range of username formats, but you need to be aware of " +"any\n" +"restrictions that may apply to your particular environment. For example,\n" +"usernames that start with a digit or usernames that exceed a certain length\n" +"may cause problems for some UNIX systems.\n" +"Use 'ipa config-mod' to change the username format allowed by IPA tools.\n" +"\n" +"Disabling a user account prevents that user from obtaining new Kerberos\n" +"credentials. It does not invalidate any credentials that have already\n" +"been issued.\n" +"\n" +"Password management is not a part of this module. For more information\n" +"about this topic please see: ipa help passwd\n" +"\n" +"EXAMPLES:\n" +"\n" +" Add a new user:\n" +" ipa user-add --first=Tim --last=User --password tuser1\n" +"\n" +" Find all users whose entries include the string \"Tim\":\n" +" ipa user-find Tim\n" +"\n" +" Find all users with \"Tim\" as the first name:\n" +" ipa user-find --first=Tim\n" +"\n" +" Disable a user account:\n" +" ipa user-disable tuser1\n" +"\n" +" Enable a user account:\n" +" ipa user-enable tuser1\n" +"\n" +" Delete a user:\n" +" ipa user-del tuser1\n" msgstr "" -#: ipalib/errors.py:890 -msgid "This command requires root access" +#: ipalib/plugins/user.py:73 +msgid "Kerberos keys available" msgstr "" -#: ipalib/errors.py:906 -msgid "This is already a posix group" +#: ipalib/plugins/user.py:140 +msgid "user" msgstr "" -#: ipalib/errors.py:922 -#, python-format -msgid "Principal is not of the form user@REALM: %(principal)r" +#: ipalib/plugins/user.py:141 +msgid "users" msgstr "" -#: ipalib/errors.py:938 -msgid "This entry is already enabled" +#: ipalib/plugins/user.py:177 +msgid "User login" msgstr "" -#: ipalib/errors.py:954 -msgid "This entry is already disabled" +#: ipalib/plugins/user.py:184 +msgid "First name" msgstr "" -#: ipalib/errors.py:970 -msgid "This entry cannot be enabled or disabled" +#: ipalib/plugins/user.py:188 +msgid "Last name" msgstr "" -#: ipalib/errors.py:986 -msgid "This entry is not a member" +#: ipalib/plugins/user.py:191 +msgid "Full name" msgstr "" -#: ipalib/errors.py:1002 -msgid "A group may not be a member of itself" +#: ipalib/plugins/user.py:196 +msgid "Display name" msgstr "" -#: ipalib/errors.py:1018 -msgid "This entry is already a member" +#: ipalib/plugins/user.py:201 +msgid "Initials" msgstr "" -#: ipalib/errors.py:1034 -#, python-format -msgid "Base64 decoding failed: %(reason)s" +#: ipalib/plugins/user.py:207 +msgid "Home directory" msgstr "" -#: ipalib/errors.py:1066 -msgid "A group may not be added as a member of itself" +#: ipalib/plugins/user.py:212 +msgid "GECOS field" msgstr "" -#: ipalib/errors.py:1082 -msgid "The default users group cannot be removed" +#: ipalib/plugins/user.py:218 +msgid "Login shell" msgstr "" -#: ipalib/errors.py:1098 -msgid "Host does not have corresponding DNS A record" +#: ipalib/plugins/user.py:223 +msgid "Kerberos principal" msgstr "" -#: ipalib/errors.py:1113 -msgid "Deleting a managed group is not allowed. It must be detached first." +#: ipalib/plugins/user.py:231 +msgid "Email address" msgstr "" -#: ipalib/errors.py:1128 -msgid "A managed group cannot have a password policy." +#: ipalib/plugins/user.py:236 +msgid "Prompt to set the user password" msgstr "" -#: ipalib/errors.py:1160 -#, python-format -msgid "'%(entry)s' doesn't have a certificate." +#: ipalib/plugins/user.py:243 +msgid "UID" msgstr "" -#: ipalib/errors.py:1176 -#, python-format -msgid "Unable to create private group. A group '%(group)s' already exists." +#: ipalib/plugins/user.py:244 +msgid "User ID Number (system will assign one if not provided)" msgstr "" -#: ipalib/errors.py:1192 -#, python-format -msgid "" -"A problem was encountered when verifying that all members were %(verb)s: " -"%(exc)s" +#: ipalib/plugins/user.py:251 +msgid "Group ID Number" msgstr "" -#: ipalib/errors.py:1216 -#, python-format -msgid "no command nor help topic %(topic)r" +#: ipalib/plugins/user.py:257 +msgid "Street address" msgstr "" -#: ipalib/errors.py:1240 -msgid "change collided with another change" +#: ipalib/plugins/user.py:261 +msgid "City" msgstr "" -#: ipalib/errors.py:1256 -msgid "no modifications to be performed" +#: ipalib/plugins/user.py:265 +msgid "State/Province" msgstr "" -#: ipalib/errors.py:1272 -#, python-format -msgid "%(desc)s: %(info)s" +#: ipalib/plugins/user.py:268 +msgid "ZIP" msgstr "" -#: ipalib/errors.py:1288 -msgid "limits exceeded for this query" +#: ipalib/plugins/user.py:272 +msgid "Telephone Number" msgstr "" -#: ipalib/errors.py:1303 -#, python-format -msgid "%(info)s" +#: ipalib/plugins/user.py:275 +msgid "Mobile Telephone Number" msgstr "" -#: ipalib/errors.py:1318 -msgid "modifying primary key is not allowed" +#: ipalib/plugins/user.py:278 +msgid "Pager Number" msgstr "" -#: ipalib/errors.py:1334 -#, python-format -msgid "%(attr)s: Only one value allowed." +#: ipalib/plugins/user.py:282 +msgid "Fax Number" msgstr "" -#: ipalib/errors.py:1350 -#, python-format -msgid "%(attr)s: Invalid syntax." +#: ipalib/plugins/user.py:286 +msgid "Org. Unit" msgstr "" -#: ipalib/errors.py:1366 -#, python-format -msgid "Bad search filter %(info)s" +#: ipalib/plugins/user.py:289 +msgid "Job Title" msgstr "" -#: ipalib/errors.py:1391 -#, python-format -msgid "Certificate operation cannot be completed: %(error)s" +#: ipalib/plugins/user.py:292 +msgid "Manager" msgstr "" -#: ipalib/errors.py:1407 -#, python-format -msgid "Certificate format error: %(error)s" +#: ipalib/plugins/user.py:295 +msgid "Car License" msgstr "" -#: ipalib/errors.py:1458 -msgid "Already registered" +#: ipalib/plugins/user.py:298 +msgid "Account disabled" msgstr "" -#: ipalib/errors.py:1474 -msgid "Not registered yet" +#: ipalib/plugins/user.py:340 +#, python-format +msgid "manager %(manager)s not found" msgstr "" -#: ipalib/frontend.py:398 -msgid "Results are truncated, try a more specific search" +#: ipalib/plugins/user.py:359 +msgid "Add a new user." msgstr "" -#: ipalib/frontend.py:850 -msgid "" -"Retrieve and print all attributes from the server. Affects command output." +#: ipalib/plugins/user.py:361 +#, python-format +msgid "Added user \"%(value)s\"" msgstr "" -#: ipalib/frontend.py:856 -msgid "Print entries as stored on the server. Only affects output format." +#: ipalib/plugins/user.py:368 +msgid "Don't create user private group" msgstr "" -#: ipalib/frontend.py:985 -msgid "Forward to server instead of running locally" +#: ipalib/plugins/user.py:398 +#, python-format +msgid "can be at most %(len)d characters" msgstr "" -#: ipalib/output.py:92 -msgid "A dictionary representing an LDAP entry" +#: ipalib/plugins/user.py:475 +msgid "Delete a user." msgstr "" -#: ipalib/output.py:100 -msgid "A list of LDAP entries" +#: ipalib/plugins/user.py:477 +#, python-format +msgid "Deleted user \"%(value)s\"" msgstr "" -#: ipalib/output.py:111 -msgid "All commands should at least have a result" +#: ipalib/plugins/user.py:486 +msgid "Modify a user." msgstr "" -#: ipalib/parameters.py:296 -msgid "incorrect type" +#: ipalib/plugins/user.py:488 +#, python-format +msgid "Modified user \"%(value)s\"" msgstr "" -#: ipalib/parameters.py:299 -msgid "Only one value is allowed" +#: ipalib/plugins/user.py:510 +msgid "Search for users." msgstr "" -#: ipalib/parameters.py:901 -msgid "must be True or False" +#: ipalib/plugins/user.py:517 +msgid "Self" msgstr "" -#: ipalib/parameters.py:1002 -msgid "must be an integer" +#: ipalib/plugins/user.py:518 +msgid "Display user record for current Kerberos principal" msgstr "" -#: ipalib/parameters.py:1054 +#: ipalib/plugins/user.py:539 #, python-format -msgid "must be at least %(minvalue)d" -msgstr "" +msgid "%(count)d user matched" +msgid_plural "%(count)d users matched" +msgstr[0] "" +msgstr[1] "" -#: ipalib/parameters.py:1064 -#, python-format -msgid "can be at most %(maxvalue)d" +#: ipalib/plugins/user.py:546 +msgid "Display information about a user." msgstr "" -#: ipalib/parameters.py:1074 -msgid "must be a decimal number" +#: ipalib/plugins/user.py:560 +msgid "Disable a user account." msgstr "" -#: ipalib/parameters.py:1097 +#: ipalib/plugins/user.py:563 #, python-format -msgid "must be at least %(minvalue)f" +msgid "Disabled user account \"%(value)s\"" msgstr "" -#: ipalib/parameters.py:1107 -#, python-format -msgid "can be at most %(maxvalue)f" +#: ipalib/plugins/user.py:581 +msgid "Enable a user account." msgstr "" -#: ipalib/parameters.py:1174 +#: ipalib/plugins/user.py:585 #, python-format -msgid "must match pattern \"%(pattern)s\"" -msgstr "" - -#: ipalib/parameters.py:1192 -msgid "must be binary data" +msgid "Enabled user account \"%(value)s\"" msgstr "" -#: ipalib/parameters.py:1208 -#, python-format -msgid "must be at least %(minlength)d bytes" +#: ipalib/plugins/user.py:602 +msgid "" +"\n" +" Unlock a user account\n" +"\n" +" An account may become locked if the password is entered incorrectly too\n" +" many times within a specific time period as controlled by password\n" +" policy. A locked account is a temporary condition and may be unlocked " +"by\n" +" an administrator." msgstr "" -#: ipalib/parameters.py:1218 +#: ipalib/plugins/user.py:611 #, python-format -msgid "can be at most %(maxlength)d bytes" +msgid "Unlocked account \"%(value)s\"" msgstr "" -#: ipalib/parameters.py:1228 +#: ipalib/util.py:192 #, python-format -msgid "must be exactly %(length)d bytes" +msgid "Permission denied: %(file)s" msgstr "" -#: ipalib/parameters.py:1246 -msgid "must be Unicode text" +#: ipalib/util.py:220 +msgid "" +"mail account may only include letters, numbers, -, _ and a dot. There may " +"not be consecutive -, _ and . characters" msgstr "" -#: ipalib/parameters.py:1277 -#, python-format -msgid "must be at least %(minlength)d characters" +#: ipalib/util.py:223 ipalib/util.py:264 +msgid "cannot be longer that 255 characters" msgstr "" -#: ipalib/parameters.py:1287 -#, python-format -msgid "can be at most %(maxlength)d characters" +#: ipalib/util.py:233 +msgid "too many '@' characters" msgstr "" -#: ipalib/parameters.py:1297 -#, python-format -msgid "must be exactly %(length)d characters" +#: ipalib/util.py:239 ipalib/util.py:253 +msgid "" +"address domain is not fully qualified (\"example.com\" instead of just " +"\"example\")" msgstr "" -#: ipalib/parameters.py:1315 -#, python-format -msgid "The character '%(char)r' is not allowed." +#: ipalib/util.py:257 +msgid "domain name may only include letters, numbers, and -" msgstr "" -#: ipalib/parameters.py:1355 -#, python-format -msgid "must be one of %(values)r" +#: ipalib/util.py:270 +msgid "hostname is not fully qualified" msgstr "" -#: ipalib/util.py:200 -#, python-format -msgid "Permission denied: %(file)s" +#: ipalib/util.py:273 +msgid "" +"hostname parts may only include letters, numbers, and - (which is not " +"allowed as the last character)" msgstr "" -#: ipalib/x509.py:174 +#: ipalib/x509.py:213 #, python-format msgid "Issuer \"%(issuer)s\" does not match the expected issuer" msgstr "" -#: ipaserver/plugins/dogtag.py:1313 ipaserver/plugins/dogtag.py:1398 -#: ipaserver/plugins/dogtag.py:1463 ipaserver/plugins/dogtag.py:1541 -#: ipaserver/plugins/dogtag.py:1600 +#: ipaserver/plugins/dogtag.py:1375 ipaserver/plugins/dogtag.py:1460 +#: ipaserver/plugins/dogtag.py:1525 ipaserver/plugins/dogtag.py:1603 +#: ipaserver/plugins/dogtag.py:1662 #, python-format msgid "Unable to communicate with CMS (%s)" msgstr "" @@ -7228,6 +7352,11 @@ msgstr "" msgid "Operating System and version of the host (e.g. Fedora 9)" msgstr "" +#: ipaserver/plugins/ldap2.py:401 +#, python-format +msgid "objectclass %s not found" +msgstr "" + #: ipaserver/plugins/selfsign.py:99 #, python-format msgid "" @@ -7252,281 +7381,295 @@ msgstr "" msgid "certutil failure" msgstr "" -#: ipa-client/config.c:55 +#: ipa-client/config.c:56 #, c-format msgid "cannot open configuration file %s\n" msgstr "" -#: ipa-client/config.c:62 +#: ipa-client/config.c:63 #, c-format msgid "cannot stat() configuration file %s\n" msgstr "" -#: ipa-client/config.c:68 +#: ipa-client/config.c:69 #, c-format msgid "out of memory\n" msgstr "" -#: ipa-client/config.c:79 +#: ipa-client/config.c:80 #, c-format msgid "read error\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:85 ipa-client/ipa-getkeytab.c:821 -#: ipa-client/ipa-rmkeytab.c:190 +#: ipa-client/ipa-getkeytab.c:85 #, c-format -msgid "Kerberos context initialization failed\n" +msgid "Kerberos context initialization failed: %s (%d)\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:147 ipa-client/ipa-getkeytab.c:834 +#: ipa-client/ipa-getkeytab.c:96 +#, c-format +msgid "Unable to parse principal: %s (%d)\n" +msgstr "" + +#: ipa-client/ipa-getkeytab.c:157 ipa-client/ipa-getkeytab.c:851 #, c-format msgid "No system preferred enctypes ?!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:155 +#: ipa-client/ipa-getkeytab.c:165 #, c-format msgid "Out of memory!?\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:173 ipa-client/ipa-getkeytab.c:188 +#: ipa-client/ipa-getkeytab.c:183 ipa-client/ipa-getkeytab.c:198 #, c-format msgid "Out of memory\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:203 +#: ipa-client/ipa-getkeytab.c:213 #, c-format msgid "Warning unrecognized encryption type: [%s]\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:218 +#: ipa-client/ipa-getkeytab.c:228 #, c-format msgid "Warning unrecognized salt type: [%s]\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:245 +#: ipa-client/ipa-getkeytab.c:255 #, c-format msgid "Enctype comparison failed!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:307 +#: ipa-client/ipa-getkeytab.c:317 #, c-format msgid "Failed to create random key!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:320 ipa-client/ipa-getkeytab.c:337 -#: ipa-client/ipa-getkeytab.c:345 ipa-client/ipa-getkeytab.c:382 +#: ipa-client/ipa-getkeytab.c:330 ipa-client/ipa-getkeytab.c:347 +#: ipa-client/ipa-getkeytab.c:355 ipa-client/ipa-getkeytab.c:392 #, c-format msgid "Failed to create key!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:327 ipa-client/ipa-getkeytab.c:360 -#: ipa-client/ipa-join.c:417 ipa-client/ipa-join.c:426 -#: ipa-client/ipa-join.c:563 ipa-client/ipa-join.c:751 -#: ipa-client/ipa-join.c:819 +#: ipa-client/ipa-getkeytab.c:337 ipa-client/ipa-getkeytab.c:370 +#: ipa-client/ipa-join.c:357 ipa-client/ipa-join.c:432 +#: ipa-client/ipa-join.c:450 ipa-client/ipa-join.c:550 +#: ipa-client/ipa-join.c:738 ipa-client/ipa-join.c:806 #, c-format msgid "Out of memory!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:371 +#: ipa-client/ipa-getkeytab.c:381 #, c-format msgid "Bad or unsupported salt type (%d)!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:492 +#: ipa-client/ipa-getkeytab.c:502 #, c-format msgid "No keys accepted by KDC\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:507 +#: ipa-client/ipa-getkeytab.c:517 #, c-format msgid "Out of memory \n" msgstr "" -#: ipa-client/ipa-getkeytab.c:545 +#: ipa-client/ipa-getkeytab.c:555 #, c-format msgid "Out of Memory!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:552 +#: ipa-client/ipa-getkeytab.c:562 #, c-format msgid "Failed to create control!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:576 +#: ipa-client/ipa-getkeytab.c:586 #, c-format msgid "Unable to initialize ldap library!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:583 +#: ipa-client/ipa-getkeytab.c:593 ipa-client/ipa-join.c:219 +#, c-format +msgid "Unable to set LDAP_OPT_X_SASL_NOCANON\n" +msgstr "" + +#: ipa-client/ipa-getkeytab.c:600 #, c-format msgid "Unable to set ldap options!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:596 +#: ipa-client/ipa-getkeytab.c:613 #, c-format msgid "Simple bind failed\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:606 +#: ipa-client/ipa-getkeytab.c:623 #, c-format msgid "SASL Bind failed!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:622 ipa-client/ipa-getkeytab.c:635 -#: ipa-client/ipa-getkeytab.c:642 ipa-client/ipa-getkeytab.c:649 +#: ipa-client/ipa-getkeytab.c:639 ipa-client/ipa-getkeytab.c:652 +#: ipa-client/ipa-getkeytab.c:659 ipa-client/ipa-getkeytab.c:666 #, c-format msgid "Operation failed! %s\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:655 ipa-client/ipa-getkeytab.c:665 +#: ipa-client/ipa-getkeytab.c:672 ipa-client/ipa-getkeytab.c:682 #, c-format msgid "Missing reply control!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:672 +#: ipa-client/ipa-getkeytab.c:689 #, c-format msgid "ber_init() failed, Invalid control ?!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:691 ipa-client/ipa-getkeytab.c:698 +#: ipa-client/ipa-getkeytab.c:708 ipa-client/ipa-getkeytab.c:715 #, c-format msgid "ber_scanf() failed, Invalid control ?!\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:736 +#: ipa-client/ipa-getkeytab.c:753 msgid "New Principal Password" msgstr "" -#: ipa-client/ipa-getkeytab.c:742 +#: ipa-client/ipa-getkeytab.c:759 msgid "Verify Principal Password" msgstr "" -#: ipa-client/ipa-getkeytab.c:776 +#: ipa-client/ipa-getkeytab.c:793 msgid "Print as little as possible" msgstr "" -#: ipa-client/ipa-getkeytab.c:776 +#: ipa-client/ipa-getkeytab.c:793 msgid "Output only on errors" msgstr "" -#: ipa-client/ipa-getkeytab.c:778 +#: ipa-client/ipa-getkeytab.c:795 msgid "Contact this specific KDC Server" msgstr "" -#: ipa-client/ipa-getkeytab.c:779 +#: ipa-client/ipa-getkeytab.c:796 msgid "Server Name" msgstr "" -#: ipa-client/ipa-getkeytab.c:781 ipa-client/ipa-rmkeytab.c:171 +#: ipa-client/ipa-getkeytab.c:798 ipa-client/ipa-rmkeytab.c:171 msgid "The principal to get a keytab for (ex: ftp/ftp.example.com@EXAMPLE.COM)" msgstr "" -#: ipa-client/ipa-getkeytab.c:782 ipa-client/ipa-rmkeytab.c:172 +#: ipa-client/ipa-getkeytab.c:799 ipa-client/ipa-rmkeytab.c:172 msgid "Kerberos Service Principal Name" msgstr "" -#: ipa-client/ipa-getkeytab.c:784 ipa-client/ipa-rmkeytab.c:174 +#: ipa-client/ipa-getkeytab.c:801 ipa-client/ipa-rmkeytab.c:174 msgid "File were to store the keytab information" msgstr "" -#: ipa-client/ipa-getkeytab.c:785 ipa-client/ipa-rmkeytab.c:174 +#: ipa-client/ipa-getkeytab.c:802 ipa-client/ipa-rmkeytab.c:174 msgid "Keytab File Name" msgstr "" -#: ipa-client/ipa-getkeytab.c:787 +#: ipa-client/ipa-getkeytab.c:804 msgid "Encryption types to request" msgstr "" -#: ipa-client/ipa-getkeytab.c:788 +#: ipa-client/ipa-getkeytab.c:805 msgid "Comma separated encryption types list" msgstr "" -#: ipa-client/ipa-getkeytab.c:790 +#: ipa-client/ipa-getkeytab.c:807 msgid "Show the list of permitted encryption types and exit" msgstr "" -#: ipa-client/ipa-getkeytab.c:791 +#: ipa-client/ipa-getkeytab.c:808 msgid "Permitted Encryption Types" msgstr "" -#: ipa-client/ipa-getkeytab.c:793 +#: ipa-client/ipa-getkeytab.c:810 msgid "Asks for a non-random password to use for the principal" msgstr "" -#: ipa-client/ipa-getkeytab.c:795 +#: ipa-client/ipa-getkeytab.c:812 msgid "LDAP DN" msgstr "" -#: ipa-client/ipa-getkeytab.c:795 +#: ipa-client/ipa-getkeytab.c:812 msgid "DN to bind as if not using kerberos" msgstr "" -#: ipa-client/ipa-getkeytab.c:797 +#: ipa-client/ipa-getkeytab.c:814 msgid "LDAP password" msgstr "" -#: ipa-client/ipa-getkeytab.c:797 +#: ipa-client/ipa-getkeytab.c:814 msgid "password to use if not using kerberos" msgstr "" -#: ipa-client/ipa-getkeytab.c:837 +#: ipa-client/ipa-getkeytab.c:838 ipa-client/ipa-rmkeytab.c:190 +#, c-format +msgid "Kerberos context initialization failed\n" +msgstr "" + +#: ipa-client/ipa-getkeytab.c:854 #, c-format msgid "Supported encryption types:\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:841 +#: ipa-client/ipa-getkeytab.c:858 #, c-format msgid "Warning: failed to convert type (#%d)\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:860 +#: ipa-client/ipa-getkeytab.c:877 #, c-format msgid "Bind password required when using a bind DN.\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:873 +#: ipa-client/ipa-getkeytab.c:890 #, c-format msgid "" "Warning: salt types are not honored with randomized passwords (see opt. -P)\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:885 +#: ipa-client/ipa-getkeytab.c:902 #, c-format msgid "Invalid Service Principal Name\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:893 +#: ipa-client/ipa-getkeytab.c:910 #, c-format msgid "Kerberos Credential Cache not found. Do you have a Kerberos Ticket?\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:901 +#: ipa-client/ipa-getkeytab.c:918 #, c-format msgid "" "Kerberos User Principal not found. Do you have a valid Credential Cache?\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:909 +#: ipa-client/ipa-getkeytab.c:926 #, c-format msgid "Failed to open Keytab\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:916 +#: ipa-client/ipa-getkeytab.c:933 #, c-format msgid "Failed to create key material\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:935 +#: ipa-client/ipa-getkeytab.c:952 #, c-format msgid "Failed to add key to the keytab\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:944 +#: ipa-client/ipa-getkeytab.c:961 #, c-format msgid "Failed to close the keytab\n" msgstr "" -#: ipa-client/ipa-getkeytab.c:950 +#: ipa-client/ipa-getkeytab.c:967 #, c-format msgid "Keytab successfully retrieved and stored in: %s\n" msgstr "" @@ -7546,248 +7689,236 @@ msgstr "" msgid "access() on %s failed: errno = %d\n" msgstr "" -#: ipa-client/ipa-join.c:143 ipa-client/ipa-join.c:197 +#: ipa-client/ipa-join.c:143 ipa-client/ipa-join.c:199 #, c-format msgid "Out of memory!" msgstr "" -#: ipa-client/ipa-join.c:204 +#: ipa-client/ipa-join.c:206 #, c-format msgid "Unable to initialize connection to ldap server: %s" msgstr "" -#: ipa-client/ipa-join.c:210 +#: ipa-client/ipa-join.c:212 #, c-format msgid "Unable to enable SSL in LDAP\n" msgstr "" -#: ipa-client/ipa-join.c:216 +#: ipa-client/ipa-join.c:225 #, c-format msgid "Unable to set LDAP version\n" msgstr "" -#: ipa-client/ipa-join.c:236 +#: ipa-client/ipa-join.c:245 #, c-format msgid "Bind failed: %s\n" msgstr "" -#: ipa-client/ipa-join.c:269 +#: ipa-client/ipa-join.c:280 #, c-format msgid "Search for %s on rootdse failed with error %d" msgstr "" -#: ipa-client/ipa-join.c:279 ipa-client/ipa-join.c:331 +#: ipa-client/ipa-join.c:292 ipa-client/ipa-join.c:377 #, c-format msgid "No values for %s" msgstr "" -#: ipa-client/ipa-join.c:322 -#, c-format -msgid "Search for ipaCertificateSubjectBase failed with error %d" -msgstr "" - -#: ipa-client/ipa-join.c:390 +#: ipa-client/ipa-join.c:316 #, c-format -msgid "Unable to determine root DN of %s\n" +msgid "Search for IPA namingContext failed with error %d\n" msgstr "" -#: ipa-client/ipa-join.c:399 +#: ipa-client/ipa-join.c:322 #, c-format -msgid "Unable to determine certificate subject of %s\n" +msgid "IPA namingContext not found\n" msgstr "" -#: ipa-client/ipa-join.c:407 +#: ipa-client/ipa-join.c:368 #, c-format -msgid "Unable to make an LDAP connection to %s\n" +msgid "Search for ipaCertificateSubjectBase failed with error %d" msgstr "" -#: ipa-client/ipa-join.c:432 +#: ipa-client/ipa-join.c:439 #, c-format -msgid "Searching with %s in %s\n" +msgid "Unable to determine root DN of %s\n" msgstr "" -#: ipa-client/ipa-join.c:438 +#: ipa-client/ipa-join.c:457 #, c-format -msgid "ldap_search_ext_s: %s\n" +msgid "Incorrect password.\n" msgstr "" -#: ipa-client/ipa-join.c:446 +#: ipa-client/ipa-join.c:465 #, c-format -msgid "Unable to find host '%s'\n" +msgid "Unable to determine certificate subject of %s\n" msgstr "" -#: ipa-client/ipa-join.c:453 +#: ipa-client/ipa-join.c:481 #, c-format -msgid "Unable to get binddn for host '%s'\n" +msgid "Enrollment failed. %s\n" msgstr "" -#: ipa-client/ipa-join.c:466 +#: ipa-client/ipa-join.c:605 #, c-format -msgid "Host already has principal, trying bind anyway\n" +msgid "principal not found in XML-RPC response\n" msgstr "" -#: ipa-client/ipa-join.c:480 ipa-client/ipa-join.c:633 +#: ipa-client/ipa-join.c:620 #, c-format msgid "Host is already joined.\n" msgstr "" -#: ipa-client/ipa-join.c:484 -#, c-format -msgid "Incorrect password.\n" -msgstr "" - -#: ipa-client/ipa-join.c:495 -#, c-format -msgid "principal not found in host entry\n" -msgstr "" - -#: ipa-client/ipa-join.c:618 -#, c-format -msgid "principal not found in XML-RPC response\n" -msgstr "" - -#: ipa-client/ipa-join.c:699 ipa-client/ipa-join.c:900 +#: ipa-client/ipa-join.c:686 ipa-client/ipa-join.c:887 #, c-format msgid "Unable to determine IPA server from %s\n" msgstr "" -#: ipa-client/ipa-join.c:715 ipa-client/ipa-join.c:915 +#: ipa-client/ipa-join.c:702 ipa-client/ipa-join.c:902 #, c-format msgid "The hostname must be fully-qualified: %s\n" msgstr "" -#: ipa-client/ipa-join.c:724 ipa-client/ipa-join.c:925 +#: ipa-client/ipa-join.c:711 ipa-client/ipa-join.c:912 #, c-format msgid "Unable to join host: Kerberos context initialization failed\n" msgstr "" -#: ipa-client/ipa-join.c:732 +#: ipa-client/ipa-join.c:719 #, c-format msgid "Error resolving keytab: %s.\n" msgstr "" -#: ipa-client/ipa-join.c:741 +#: ipa-client/ipa-join.c:728 #, c-format msgid "Error getting default Kerberos realm: %s.\n" msgstr "" -#: ipa-client/ipa-join.c:759 +#: ipa-client/ipa-join.c:746 #, c-format msgid "Error parsing \"%s\": %s.\n" msgstr "" -#: ipa-client/ipa-join.c:777 +#: ipa-client/ipa-join.c:764 #, c-format msgid "Error obtaining initial credentials: %s.\n" msgstr "" -#: ipa-client/ipa-join.c:788 +#: ipa-client/ipa-join.c:775 #, c-format msgid "Unable to generate Kerberos Credential Cache\n" msgstr "" -#: ipa-client/ipa-join.c:796 +#: ipa-client/ipa-join.c:783 #, c-format msgid "Error storing creds in credential cache: %s.\n" msgstr "" -#: ipa-client/ipa-join.c:846 +#: ipa-client/ipa-join.c:833 #, c-format msgid "Unenrollment successful.\n" msgstr "" -#: ipa-client/ipa-join.c:849 +#: ipa-client/ipa-join.c:836 #, c-format msgid "Unenrollment failed.\n" msgstr "" -#: ipa-client/ipa-join.c:854 +#: ipa-client/ipa-join.c:841 #, c-format msgid "result not found in XML-RPC response\n" msgstr "" -#: ipa-client/ipa-join.c:932 +#: ipa-client/ipa-join.c:919 #, c-format msgid "Unable to join host: Kerberos Credential Cache not found\n" msgstr "" -#: ipa-client/ipa-join.c:940 +#: ipa-client/ipa-join.c:927 #, c-format msgid "" "Unable to join host: Kerberos User Principal not found and host password not " "provided.\n" msgstr "" -#: ipa-client/ipa-join.c:954 +#: ipa-client/ipa-join.c:941 #, c-format msgid "fork() failed\n" msgstr "" -#: ipa-client/ipa-join.c:983 +#: ipa-client/ipa-join.c:970 #, c-format msgid "ipa-getkeytab not found\n" msgstr "" -#: ipa-client/ipa-join.c:986 +#: ipa-client/ipa-join.c:973 #, c-format msgid "ipa-getkeytab has bad permissions?\n" msgstr "" -#: ipa-client/ipa-join.c:989 +#: ipa-client/ipa-join.c:976 #, c-format msgid "executing ipa-getkeytab failed, errno %d\n" msgstr "" -#: ipa-client/ipa-join.c:1001 +#: ipa-client/ipa-join.c:988 #, c-format msgid "child exited with %d\n" msgstr "" -#: ipa-client/ipa-join.c:1007 +#: ipa-client/ipa-join.c:994 #, c-format msgid "Certificate subject base is: %s\n" msgstr "" -#: ipa-client/ipa-join.c:1042 +#: ipa-client/ipa-join.c:1031 msgid "Print the raw XML-RPC output in GSSAPI mode" msgstr "" -#: ipa-client/ipa-join.c:1044 +#: ipa-client/ipa-join.c:1033 msgid "Quiet mode. Only errors are displayed." msgstr "" -#: ipa-client/ipa-join.c:1046 +#: ipa-client/ipa-join.c:1035 msgid "Unenroll this host from IPA server" msgstr "" -#: ipa-client/ipa-join.c:1048 +#: ipa-client/ipa-join.c:1037 msgid "Hostname of this server" msgstr "" -#: ipa-client/ipa-join.c:1048 ipa-client/ipa-join.c:1050 +#: ipa-client/ipa-join.c:1037 ipa-client/ipa-join.c:1039 msgid "hostname" msgstr "" -#: ipa-client/ipa-join.c:1050 +#: ipa-client/ipa-join.c:1039 msgid "IPA Server to use" msgstr "" -#: ipa-client/ipa-join.c:1052 +#: ipa-client/ipa-join.c:1041 msgid "Specifies where to store keytab information." msgstr "" -#: ipa-client/ipa-join.c:1052 +#: ipa-client/ipa-join.c:1041 msgid "filename" msgstr "" -#: ipa-client/ipa-join.c:1054 +#: ipa-client/ipa-join.c:1043 msgid "LDAP password (if not using Kerberos)" msgstr "" -#: ipa-client/ipa-join.c:1054 +#: ipa-client/ipa-join.c:1043 msgid "password" msgstr "" +#: ipa-client/ipa-join.c:1045 +msgid "LDAP basedn" +msgstr "" + +#: ipa-client/ipa-join.c:1045 +msgid "basedn" +msgstr "" + #: ipa-client/ipa-rmkeytab.c:43 #, c-format msgid "Unable to parse principal name\n" -- cgit